Re: [Ntsug-users] Base 1.2 Vuln

[Justin Heath <justin.heath () gmail com>]

With the way BASE is constantly plugged on this list it's a good idea to
point this out. Im sure there are people that weren't aware of this issue
that are running BASE. Just because you or someone else is aware of an issue
whether its "been brought up many times before" or not doesn't change
anything.

On 10/28/05, Patrick Harper <patrick () internetsecurityguru com> wrote:
> This has been a known issue for a while. To quote Kevin (the lead
> developer
> of base)
>
> This issue has been brought up many times before, not by this guy) and is
> CLEARLY documented in the README file since ACID was created. To fix this
> issue we need to completely rewrite the application and we are doing this
> for 2.x. Currently we are looking for a database expert to help with the
> application. Do you know anyone?<g>)
>
>
> -----Original Message-----
> From: ntsug-users-bounces () ntsug org [mailto:ntsug-users-bounces () ntsug org]
> On Behalf Of Justin Heath
> Sent: Friday, October 28, 2005 8:30 AM
> To: Snort; General snort discussions
> Subject: [Ntsug-users] Base 1.2 Vuln
>
> I haven't seen any mention of this on the list, so I thought I would pass
> it
> along.
>
> Basic Analysis And Security Engine Base_qry_main.PHP SQL Injection
> Vulnerability
> http://www.securityfocus.com/bid/15199/info
>
>
>
> _______________________________________________
> Ntsug-users mailing list
> Ntsug-users () ntsug org
> http://www.ntsug.org/mailman/listinfo/ntsug-users