Sense of Security – Security Advisory – SOS-12-004
| Release Date. | 12-Mar-2012 |
| Last Update. | – |
| Vendor Notification Date. | 24-Nov-2011 |
| Product. | Aurora WebOPAC |
| Platform. | Independent |
| Affected versions. | 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, possibly others |
| Severity Rating. | High |
| Impact. | Exposure of sensitive information |
| Attack Vector. | From remote without authentication |
| Solution Status. | Vendor patch |
| CVE reference. | CVE- Not yet assigned |
Details.
Aurora WebOPAC is an online library system which allows users to perform tasks, such as reservations, renewal of books, search the catalogue, etc.
During an application penetration test Sense of Security identified that Aurora WebOPAC suffers from SQL injection vulnerabilities in MemberDetailsRecovery.aspx, as it fails to validate data supplied in the ‘txtEmailAliasBarcodeÂ’ variable before being used in a SQL query.
Solution.
The vendor has advised that Patch R.3.5.3 is available, and should be applied to fix the issue.
Discovered by.
Niket Khosla from Sense of Security Labs.