CVE-2006-6354
Published 2006-12-07
Priority: P337, high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EPSS: 1.62% (73.1th percentile)
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| duware | duamazon | — | — |
| duware | duamazon | — | — |
| duware | duarticle | — | — |
| duware | duarticle | — | — |
| duware | duclassified | — | — |
| duware | duclassified | — | — |
| duware | duclassified | — | — |
| duware | dudirectory | — | — |
| duware | dudirectory | — | — |
| duware | dudirectory_pro | — | — |
| duware | dudirectory_pro | — | — |
| duware | dudirectory_pro_sql | — | — |
| duware | dudirectory_pro_sql | — | — |
| duware | dudownload | — | — |
| duware | dudownload | — | — |
| duware | dugallery | — | — |
| duware | dugallery | — | — |
| duware | dugallery | — | — |
| duware | dugallery | — | — |
| duware | dunews | — | — |
| duware | dunews | — | — |
| duware | dupaypal | — | — |
| duware | dupaypal | — | — |
| duware | dupaypal_pro | — | — |
| duware | dupaypal_pro | — | — |
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews ASCII"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006716; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_tech
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews DELETE"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006715; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_tech
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UNION SELECT"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006713; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Acces
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews SELECT"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006712; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews INSERT"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006714; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_tech
Suricata
ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE
suricata·2010-07-30·CVSS 7.5
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS DuWare DuNews SQL Injection Attempt -- detail.asp iNews UPDATE"; flow:established,to_server; http.uri; content:"/detail.asp?"; nocase; content:"iNews="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2006-6354; reference:url,www.securityfocus.com/bid/15681; classtype:web-application-attack; sid:2006717; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
No public exploits indexed.
No writeups or analysis indexed.
References
http://secunia.com/advisories/23228
http://securityreason.com/securityalert/1996
http://www.aria-security.com/forum/showthread.php?t=61
http://www.securityfocus.com/archive/1/453317/100/0/threaded
http://www.securityfocus.com/bid/15681
http://www.vupen.com/english/advisories/2006/4834
https://exchange.xforce.ibmcloud.com/vulnerabilities/30673