Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3596

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3596
Last Modified 07 Mar 2011 09:26:49
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3596

Summary

SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp.

Vulnerable Systems

Application

  • Iisworks Aspknowledgebase


References

XF - aspknowledgebase-admin-bypass-security(23038)

VUPEN - ADV-2005-2375

BID - 15364

SECUNIA - 17517

BUGTRAQ - 20051108 ASPKnowledgebase vulnerable to SQL-inject

OSVDB - 20712


Last Updated: 27 May 2016 10:40:59