Modules: Netquery 3.11 - Vulnerability Bugfix

Posted by: RVirtueOn 2005/8/2 17:46:37 7020 reads
A scripting vulnerability has been reported due to inadequate "sanitizing" of user input for certain Netquery v3.1 local execution operations. Additional details are provided in Secunia Product Note 5439 and in Secunia Advisory 16216

This issue has been addressed in ALL editions of Netquery v3.11 currently available from http://virtech.org/tools/ and users are strongly encouraged to update their installations to this latest version.

The Netquery v3.11 bugfix is especially important for those sites where Netquery's local ping and/or local traceroute operations are enabled. For those who may prefer manual application of their own patch, user input for both of those operations is now fully "sanitized" the by using the following function:

function sanitizeSysString($string$min ''$max '')
{
  
$pattern '/(;|||`|>|<|&|^|"|'."n|r|'".'|{|}|[|]|)|()/i';
  
$string preg_replace($pattern''$string);
  
$string '"'.preg_replace('/$/''\$'$string).'"';
  
$len strlen($string);
  if(((
$min != '') && ($len $min)) || (($max != '') && ($len $max)))
    return 
FALSE;
  return 
$string;
}

Netquery links: Downloads | Manual | Live Demo | Forums