Two Greek researchers managed to find a security loophole on a NASA website (subdomain), which allowed them to do SQL injection and access the organization's database.
According to Greek researchers, the US space agency was promptly alerted to the security gap, but to date it has not made any correction.
Researchers Dimitris Chatzidimitris and Anastasis Vasileiadhs report in Secnews.gr via email:
“On August 29, we discovered a vulnerability while navigating a Nasa page (https://www.jpl.nasα.gov/which relates to various promotion systems….
Vulnerability is a type SQL injection and the link to this weakness is:
Note Secnews.gr: We do not list the link for obvious reasons but we list some of the items we received by email:
Parameter: catId (GET)
Type: boolean-based blind
Database version: 5.1.61-community-lo
“This specific vulnerability gave us access to fundamentals data of the specific website"
Researchers report:
"After that we did not proceed to any possible access to the server beyond the bases as we had already confirmed that the page was not secure.
Immediately on August 27 we contacted the contact form on their page and we briefed them in detail to correct their security.
Until today 8 September we did not get any answer on this.
Security researchers:
Dimitris Chatzidimitris
Anastasis Vasileiadhs ”
We quote a screenshoot from the database tables. We notice that the tables also contain the user data of the web page (usernames and passwords).
See it below picture (wp-users, contacts, Member, authors)
_____________________________________
The information remains available to interested parties, both by the researchers themselves and by Secnews.gr.
Η information for vulnerabilities discovered in organizations, it is considered highly necessary (especially when they exist on high-traffic websites), and for us at Secnews.gr they are an immediate priority.
We hope that in this way, i.e. the direct exposure of each vulnerability and not with its "hood", we contribute to a more safe Internet.
Of course we have met many Companies and organizations, locally as well as globally, that instead of working together to solve a vulnerability, initiate legal means to prosecute researchers, covering the security gap very carefully with the rug, trying to avoid negative impressions.
