CGI Generic SQL Injection (HTTP Headers)

high Nessus Plugin ID 42427

Synopsis

A CGI application hosted on the remote web server is potentially prone to SQL injection attack.

Description

By sending specially crafted HTTP headers to one or more CGI scripts hosted on the remote web server, Nessus was able to cause an error in the underlying database. This error suggests that the CGI script(s) are prone to SQL injection attack.

An attacker may be able to exploit this issue to bypass authentication, read confidential data, modify the remote database, or even take control of the remote operating system.

Solution

Modify the affected CGI scripts so that they properly escape arguments.

See Also

https://en.wikipedia.org/wiki/SQL_injection

http://www.securiteam.com/securityreviews/5DP0N1P76E.html

http://www.nessus.org/u?ed792cf5

http://projects.webappsec.org/w/page/13246963/SQL%20Injection

Plugin Details

Severity: High

ID: 42427

File Name: torture_cgi_sql_injection_headers.nasl

Version: 1.35

Type: remote

Family: CGI abuses

Published: 11/6/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: Settings/enable_web_app_tests

Reference Information

CWE: 20, 713, 722, 727, 751, 77, 801, 810, 89, 928, 929