Vulnerability Description
The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blentz | Smbind | <= 0.4.7 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/1009-exploits/smbind-sql.txtExploit
- http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/d
- http://www.debian.org/security/2010/dsa-2103
- http://www.openwall.com/lists/oss-security/2010/09/05/5
- http://www.openwall.com/lists/oss-security/2010/09/07/10
- http://packetstormsecurity.org/1009-exploits/smbind-sql.txtExploit
- http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/d
- http://www.debian.org/security/2010/dsa-2103
- http://www.openwall.com/lists/oss-security/2010/09/05/5
- http://www.openwall.com/lists/oss-security/2010/09/07/10
FAQ
What is CVE-2010-3076?
CVE-2010-3076 is a vulnerability with a CVSS score of 7.5 (HIGH). The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection ...
How severe is CVE-2010-3076?
CVE-2010-3076 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3076?
Check the references section above for vendor advisories and patch information. Affected products include: Blentz Smbind.