2078.txt

snort入侵检测规则文件2.4 Snort是众所周知的网络入侵检测工具

Rule:

--
Sid:
2078

--
Summary:
HTTP.

--
Impact:
Data loss and disclosure of information.

--
Detailed Information:
A vulnerability exists such that a carefully crafted SQL query can be 
used by a malicious user that will delete all private messages for users
on the system.

The scripts do not perform detailed checking of SQL queries in some 
instances. This leaves the system vulnerable to SQL injection 
techniques.

--
Affected Systems:
	phpBB Group phpBB 2.0.3

--
Attack Scenarios:
The attacker can craft his own SQL query to be executed or use a known 
exploit for this vulnerability.

--
Ease of Attack:
Simple

--
False Positives:
None Known

--
False Negatives:
None Known

--
Corrective Action:
Upgrade to the latest non vulnerable version of phpBB.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

Bugtraq:
http://www.securityfocus.com/bid/6634

--