CVE-2010-3076 - OpenCVE

The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Blentz	Smbind

Configuration 1 [-]

OR	cpe:2.3:a:blentz:smbind::::::::
	cpe:2.3:a:blentz:smbind:0.2:::::::*
	cpe:2.3:a:blentz:smbind:0.2.1:::::::*
	cpe:2.3:a:blentz:smbind:0.3.1:::::::*
	cpe:2.3:a:blentz:smbind:0.4:::::::*
	cpe:2.3:a:blentz:smbind:0.4.1:::::::*
	cpe:2.3:a:blentz:smbind:0.4.2:::::::*
	cpe:2.3:a:blentz:smbind:0.4.3:::::::*
	cpe:2.3:a:blentz:smbind:0.4.4:::::::*
	cpe:2.3:a:blentz:smbind:0.4.5:::::::*
	cpe:2.3:a:blentz:smbind:0.4.6:::::::*

No data.

References

Link	Providers
http://packetstormsecurity.org/1009-exploits/smbind-sql.txt
http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download
http://www.debian.org/security/2010/dsa-2103
http://www.openwall.com/lists/oss-security/2010/09/05/5
http://www.openwall.com/lists/oss-security/2010/09/07/10

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-10-12T21:00:00

Updated: 2024-08-07T02:55:46.558Z

Reserved: 2010-08-20T00:00:00

Link: CVE-2010-3076

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-10-14T05:57:58.317

Modified: 2011-01-19T06:59:48.663

Link: CVE-2010-3076

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-09-05T00:00:00", "descriptions": [{"lang": "en", "value": "The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-01-19T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20100905 CVE request: smbind Sql Injection", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/09/05/5"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download"}, {"name": "DSA-2103", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2010/dsa-2103"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.org/1009-exploits/smbind-sql.txt"}, {"name": "[oss-security] 20100907 Re: CVE request: smbind Sql Injection", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/09/07/10"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-3076", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20100905 CVE request: smbind Sql Injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/09/05/5"}, {"name": "http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download"}, {"name": "DSA-2103", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2010/dsa-2103"}, {"name": "http://packetstormsecurity.org/1009-exploits/smbind-sql.txt", "refsource": "MISC", "url": "http://packetstormsecurity.org/1009-exploits/smbind-sql.txt"}, {"name": "[oss-security] 20100907 Re: CVE request: smbind Sql Injection", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/09/07/10"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:55:46.558Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20100905 CVE request: smbind Sql Injection", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/09/05/5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download"}, {"name": "DSA-2103", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2010/dsa-2103"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.org/1009-exploits/smbind-sql.txt"}, {"name": "[oss-security] 20100907 Re: CVE request: smbind Sql Injection", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/09/07/10"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3076", "datePublished": "2010-10-12T21:00:00", "dateReserved": "2010-08-20T00:00:00", "dateUpdated": "2024-08-07T02:55:46.558Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:blentz:smbind:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E1538A6-E1B5-4CF2-AEEB-E001A8FCB325", "versionEndIncluding": "0.4.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CB211A75-8BB8-4363-8882-DD42788375EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A787D9D3-5101-4E90-956A-5E4DE59822AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "67546FFC-CFA8-4C10-BCED-899DAC54E722", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "20F4DAAB-E3DC-4C30-9BE1-A48A115235B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F7E9DF7-48C5-4360-8456-8A286149847E", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "AFC9603F-1631-48A8-BD09-3BD64E4A032D", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "76D6C4AD-95EF-40C0-A94E-1090E5B9697A", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B7E5DA14-B008-4437-BC61-3ACBD5671425", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "364C8859-84D5-44F9-801E-4A2B2CFA7BA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:blentz:smbind:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "C52D91EA-2602-4D39-936F-552D76F5D443", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the username parameter to the admin login page."}, {"lang": "es", "value": "La funci\u00f3n filtro en php/src/include.php en Simple Management para BIND (tambi\u00e9n conocido como smbind) anterior a v0.4.8 no identifica cierta expresi\u00f3n regular, que permite a atacantes remotos llevar a cabo ataques de inyecci\u00f3n SQL y ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro 'username' en la p\u00e1gina de inicio del administrador."}], "id": "CVE-2010-3076", "lastModified": "2011-01-19T06:59:48.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-10-14T05:57:58.317", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://packetstormsecurity.org/1009-exploits/smbind-sql.txt"}, {"source": "secalert@redhat.com", "url": "http://sourceforge.net/projects/smbind/files/smbind/0.4.8/smbind-0.4.8.tar.bz2/download"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2103"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/09/05/5"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2010/09/07/10"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}