Read this post for details. NukeSentinel™ is named for not stopping this attack when it absolutely does, 100% of the time, if you have the Union blocker on. I have replied to the thread as follows:
[snip]Of course, mysql version 4.x must be used with enabled union functionality. And if there are Sentinel or similar protection systems installed, additional measures must be used to evade them.[/snip]
You are mistaken. If NukeSentinel is installed and active, it blocks them 100% of the time. This exploit is nothing more than a variation on a theme. It's another in a long line of UNION exploits which NukeSentinel has been blocking since day one.
Note:
There are actually 2 more "new" exploits listed - All pertaining to nuke 7.6:
http://www.securityfocus.com/bid/13061
http://www.securityfocus.com/bid/13055
If you have Chatserv's patches installed and NukeSentinel(tm) - Sleep well tonight!
Re: PHP-Nuke Bug - SQL Injection (Score: 1)
Sentinel (2.13) does indeed stop this one:
Date & Time: 2005-04-08 17:48:20
Blocked IP: 145.53.202.40
User ID: Anonymous (1)
Reason: Abuse-Union
--------------------
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; nl-NL; rv:1.7.6) Gecko/20050318 Firefox/1.0.2
Query String: ipbnuke.net/modules.php?name=Top&querylang=%20WHERE%201=2%20UNION%20ALL%20SELECT%201,pwd,1,1%20FROM%20nuke_authors/*
Forwarded For: none
Client IP: none
Remote Address: 145.53.202.40
Remote Port: 30000
Request Method: GET
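The block-log entry in the comment above records the request string that tripped the "Abuse-Union" reason. A signature check of that kind is sketched here as an added example; it is not NukeSentinel's code and not part of the original thread, and the function names are hypothetical. It goes slightly beyond the logged case by normalizing repeated URL encoding and inline SQL comments before matching.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Query string copied from the block-log entry quoted in the thread.
LOGGED = ("ipbnuke.net/modules.php?name=Top&querylang=%20WHERE%201=2%20UNION"
          "%20ALL%20SELECT%201,pwd,1,1%20FROM%20nuke_authors/*")

# UNION, optionally ALL/DISTINCT, optionally "(", then SELECT.
UNION_SELECT = re.compile(r"\bunion\b\s*(?:all|distinct)?\s*\(?\s*select\b")


def normalize(value: str) -> str:
    """Reduce a parameter value to the form the SQL parser would effectively see."""
    for _ in range(3):  # undo up to three further layers of URL encoding
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    # Closed inline comments act as whitespace between SQL keywords.
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)
    return re.sub(r"\s+", " ", value).lower()


def union_params(request: str) -> list[str]:
    """Return the names of query parameters whose value carries UNION ... SELECT."""
    query = request.split("?", 1)[1] if "?" in request else request
    hits = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        if UNION_SELECT.search(normalize(value)):
            hits.append(name)
    return hits


if __name__ == "__main__":
    # Second entry is a constructed benign request for contrast.
    for req in (LOGGED, "modules.php?name=News&file=article&sid=12"):
        flagged = union_params(req)
        print("BLOCK" if flagged else "allow", flagged, req[:60])
```

A keyword signature like this also flags ordinary text that happens to contain "union select", so it complements fixing the unsanitized parameter rather than replacing that fix.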
Re: PHP-Nuke Bug - SQL Injection (Score: 1)
lol The man knows not whereof he speaks, Raven does. While I was down this past week NukeSentinel™ blocked a Union attack on my site. NS and chatserv's patches are necessities for nuke sites. Now if only Microsofthead made better OSs...