BugTraq
Back to list
|
Post reply
Re: Aenovo Multiple Vulnerabilities (Patch)
Oct 16 2005 05:17PM
ali202 fastermail com
Patch :
[1]
In "user/control.asp"
Find this :
---------------------------------
pword = Trim(request("password"))
---------------------------------
Replace with this:
---------------------------------
pword = replace(Trim(request("password")),"'","''")
---------------------------------
[2]
In "incs\searchdisplay.asp"
Find this:
---------------------------------
strSQL = request("strSQL")
---------------------------------
Replace with this:
---------------------------------
strSQL = ""
---------------------------------
<ali202>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
[1]
In "user/control.asp"
Find this :
---------------------------------
pword = Trim(request("password"))
---------------------------------
Replace with this:
---------------------------------
pword = replace(Trim(request("password")),"'","''")
---------------------------------
[2]
In "incs\searchdisplay.asp"
Find this:
---------------------------------
strSQL = request("strSQL")
---------------------------------
Replace with this:
---------------------------------
strSQL = ""
---------------------------------
<ali202>
[ reply ]