Vulnerabilities > CVE-2004-0374 - Remote Information Disclosure vulnerability in Interchange

047910
CVSS 6.4 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: NONE
network
low complexity
interchange-development-group
nessus
exploit available

Summary

Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.

Exploit-Db

description: Interchange 4.8.x/5.0 Remote Information Disclosure Vulnerability. CVE-2004-0374. Webapps exploit for asp platform
id: EDB-ID:23895
last seen: 2016-02-02
modified: 2004-03-30
published: 2004-03-30
reporter: anonymous
source: https://www.exploit-db.com/download/23895/
title: Interchange 4.8.x/5.0 - Remote Information Disclosure Vulnerability

Nessus

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-471.NASL
description: A vulnerability was discovered recently in Interchange, an e-commerce and general HTTP database display system. This vulnerability can be exploited by an attacker to expose the content of arbitrary variables. An attacker may learn SQL access information for your Interchange application and use this information to read and manipulate sensitive data.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 15308
published: 2004-09-29
reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/15308
title: Debian DSA-471-1 : interchange - missing input sanitising
code
#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-471. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

# Registration phase: when `description` is set the plugin only declares its
# metadata (identifiers, advisory text, scoring, prerequisites) and exits
# before any check against the host is made.
if (description)
{
  script_id(15308);
  script_version("1.22");
  script_cvs_date("Date: 2019/08/02 13:32:17");

  # Cross-references that tie a finding back to the CVE entry, the Bugtraq
  # entry and the Debian advisory (DSA-471).
  script_cve_id("CVE-2004-0374");
  script_bugtraq_id(10005);
  script_xref(name:"DSA", value:"471");

  script_name(english:"Debian DSA-471-1 : interchange - missing input sanitising");
  # The summary states the method: the result is derived from dpkg output,
  # i.e. installed package versions, not from a request to the Interchange
  # service.
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability was discovered recently in Interchange, an e-commerce
and general HTTP database display system. This vulnerability can be
exploited by an attacker to expose the content of arbitrary variables.
An attacker may learn SQL access information for your Interchange
application and use this information to read and manipulate sensitive
data."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2004/dsa-471"
  );
  # Remediation text: the fixed version named here is the same string the
  # package comparison later in this plugin uses as its reference.
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the interchange package.

For the stable distribution (woody) this problem has been fixed in
version 4.8.3.20020306-1.woody.2."
  );
  # CVSS v2 base vector: network-reachable (AV:N), low complexity (AC:L),
  # no authentication (Au:N), partial confidentiality and integrity impact
  # (C:P/I:P), no availability impact (A:N).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  # CVSS v2 temporal vector: proof-of-concept exploit code (E:POC), official
  # fix available (RL:OF), report confirmed (RC:C).
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  # "local" plugin type: the check works from data collected on the host
  # (see the required KB keys below) rather than from remote probing.
  script_set_attribute(attribute:"plugin_type", value:"local");
  # Two CPE values are registered: the Debian interchange package and the
  # Debian 3.0 operating system.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:interchange");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");

  # Timeline: vulnerability published 2004/03/29, patch 2004/04/02, plugin
  # 2004/09/29.
  script_set_attribute(attribute:"patch_publication_date", value:"2004/04/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29");
  script_set_attribute(attribute:"vuln_publication_date", value:"2004/03/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  # Prerequisites: the plugin depends on ssh_get_info.nasl and requires
  # three KB entries (local checks enabled, a Debian release, a dpkg
  # package list).
  # NOTE(review): presumably ssh_get_info.nasl is what populates those
  # Host/* keys from a credentialed session; confirm against that plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  # Metadata only: stop here during registration.
  exit(0);
}


include("audit.inc");
include("debian_package.inc");


# Preconditions. Each guard hands a standard audit code to audit() when the
# KB entry this check relies on is missing: local checks enabled, a Debian
# release, and the collected dpkg package list.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}
if (!get_kb_item("Host/Debian/release"))
{
  audit(AUDIT_OS_NOT, "Debian");
}
if (!get_kb_item("Host/Debian/dpkg-l"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}


# Package comparison for DSA-471. Only Debian 3.0 (woody) is covered, and
# every binary package is compared against the same fixed version.
# NOTE(review): deb_check() comes from debian_package.inc; it presumably
# returns true when the installed package is older than `reference` and
# records the detail that deb_report_get() returns. Confirm against the
# include.
# NOTE(review): the result comes from the dpkg list only, so an Interchange
# install that dpkg does not know about would presumably not be flagged.
dsa_fixed_version = "4.8.3.20020306-1.woody.2";
dsa_packages = make_list(
  "interchange",
  "interchange-cat-foundation",
  "interchange-ui",
  "libapache-mod-interchange"
);

dsa_hits = 0;
foreach dsa_pkg (dsa_packages)
{
  if (deb_check(release:"3.0", prefix:dsa_pkg, reference:dsa_fixed_version))
  {
    dsa_hits++;
  }
}

# Reporting: any hit raises a warning-level finding on port 0, with the
# package report attached when report verbosity is above 0. No hit means
# the host is audited as not affected.
if (dsa_hits)
{
  if (report_verbosity > 0)
  {
    security_warning(port:0, extra:deb_report_get());
  }
  else
  {
    security_warning(0);
  }
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, "affected");
}