Detections
Analytics
PatchLink Update Server checkprofile.asp checkid Parameter SQL Injection
high Nessus Plugin ID 22115
Language:
Synopsis
The remote web server contains an ASP script that is prone to a SQL injection attack.Description
The remote host is running PatchLink Update Server, a patch and vulnerability management solution.The version of PatchLink Update Server installed on the remote host fails to sanitize user-supplied input to the 'agentid' parameter of the '/dagent/checkprofile.php' script before using it to construct database queries. An unauthenticated attacker can exploit this flaw to manipulate database queries, which might lead to disclosure of sensitive information, modification of data, or attacks against the underlying database.
Note that Novell ZENworks Patch Management is based on PatchLink Update Server and is affected as well.
Solution
Apply patch 6.1 P1 / 6.2 SR1 P1 if using PatchLink Update Server or 6.2 SR1 P1 if using Novell ZENworks Patch Management.See Also
https://www.securityfocus.com/archive/1/438710/30/0/threaded
http://support.novell.com/cgi-bin/search/searchtid.cgi?10100709.htm
Plugin Details
Severity: High
ID: 22115
File Name: plus_agentid_sql_injection.nasl
Version: 1.17
Type: remote
Family: CGI abuses
Published: 7/28/2006
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:lumension:patchlink_update_server
Required KB Items: www/ASP
Exploit Ease: No exploit is required
Vulnerability Publication Date: 6/28/2006
Reference Information
CVE: CVE-2006-3430
BID: 18715