Exploit GreenSQL Firewall 0.9.x - WHERE Clause Security Bypass

[Exploiter]

EDB-ID

33203

Проверка EDB

1. Пройдено

Автор

JOHANNES DAHSE

Тип уязвимости

REMOTE

Платформа

MULTIPLE

CVE

cve-2008-6992

Дата публикации

2009-09-02

source: https://www.securityfocus.com/bid/36209/info

GreenSQL Firewall is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions. Successfully exploiting this issue may aid in SQL attacks on the underlying application.

The following sample SQL expression is available:

x=y=z