← Advisories

CableTEL's Triple Play v1.0 (login.php) Remote Login Bypass SQL Injection Vuln

Medium

Advisory ID

ZSL-2010-4925

Release Date

22 February 2010

Vendor

CableTEL DOOEL - http://www.cabletel.com.mk

Affected Version

1.0

CVE

N/A

Tested On

Microsoft Windows XP Professional SP3 (English)

Summary

Triple Play is a PHP script that CableTEL offers its clients to check their internet traffic status.

Description

Triple Play suffers from a security bypass vulnerability (login.php) with sql injection attack. The login page can be accessed only by CableTEL's users. The script fails to sanitize user/pass login page allowing the attacker to bypass the security mechanism and view sensitive information that can be further used in a social engineering attack and such.

Proof of Concept

cabletel-login.txtTXT

Disclosure Timeline

23.12.2009Vendor has some knowledge of the vulnerability.

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://www.packetstormsecurity.org/filedesc/cabletel-sql.txt.html

Changelog

22.02.2010Initial release

23.02.2010Added reference [1]