SNS Vulnerability

WEC Discussion Extension for TYPO3 Remote SQL Injection Vulnerability

Description

A vulnerability has been identified in WEC Discussion Forum (wec_discussion) extension for TYPO3, which could be exploited by attackers to manipulate and inject SQL queries. This issue is caused by an input validation error when processing user-supplied data, which could be exploited by malicious people to conduct SQL injection attacks.

Vulnerable Products

Vulnerable Software:
WEC Discussion Forum (wec_discussion) extension for TYPO3 version 2.1.0 and prior

Solution

Upgrade to WEC Discussion Forum version 2.1.1 : http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/

CVE

CVE-2011-1722

References

http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/

Vulnerability Manager Detection

IPS Protection

ASQ Engine alarm	Available Since
SQL injection Prevention - POST : suspicious SELECT statement in data	3.2.0
SQL injection Prevention - POST : possible version probing in data	3.2.0
SQL injection Prevention - GET : suspicious CAST statement in URL	3.2.0
SQL injection Prevention - GET : suspicious DECLARE statement in URL	3.2.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	3.2.0
SQL injection Prevention - POST : suspicious CREATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UPDATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UNION statement in data	3.2.0
SQL injection Prevention - POST : suspicious DROP statement in data	3.2.0
SQL injection Prevention - POST : suspicious INSERT statement in data	3.2.0
SQL injection Prevention - POST : suspicious OR statement in data	3.2.0
SQL injection Prevention - POST : suspicious EXEC statement in data	3.2.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	3.2.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	3.2.0
SQL injection Prevention - POST : suspicious HAVING statement in data	3.2.0
SQL injection Prevention - POST : suspicious CAST statement in data	3.2.0

Risk level

Moderate

Vulnerability First Public Report Date

2011-04-07

Target Type

Server

Possible exploit

Local & Remote