Pre-authorization SQL Injection Vulnerability

yehster wrote on Friday, November 22, 2013:

https://sourceforge.net/p/openemr/bugs/374/
There is a potentially serious SQL Injection issue that might be exploitable “pre-authorization” (e.g. without first needing valid login credentials).

Details are in the bug report. Thanks to Patrick Smith for reporting.

I’m recommending that people download this new version of library/translation.inc.php

https://raw.github.com/yehster/openemr/44d7cd4fda3e11bc6d6f16a757ca1233342352a6/library/translation.inc.php

and overwrite the existing version.

This file should work for 4.1.3, 4.1.2, 4.1.1 and 4.1.0. I have to admit I’ve only tested with 4.1.3 and 4.1.2 though.

I’m not going to be available for the rest of the day to field questions, but I’ll follow up as needed in the future.

kevin.y@integralemr.com

bradymiller wrote on Saturday, November 23, 2013:

Hi,

Although it may not clearly be a pre-authentication vulnerability, I think it does get used in some scripts that bypass authentication.

Just released the fix in a 4.1.2 patch.

-brady
OpenEMR