Snort mailing list archives
Re: Base 1.2 Vuln
From: Kevin Johnson <kjohnson () secureideas net>
Date: Fri, 28 Oct 2005 18:50:51 -0400
On Fri, 2005-10-28 at 09:40 -0400, Joel Esler wrote:
I got an email last night from Kevin (Project lead of BASE), said that he has fixed it. Look for a new BASE release soon.
We are trying to test the fix out as much as possible. If you would like, you can either retrieve it from CVS or add the following as line 202 of includes/base_db.inc.php $sql = eregi_replace(";", " [Possible SQL Injection Attack] ", $sql); The release will happen as soon as testing is done. This patch will work on any version of BASE, but we recommend upgrading.<g>
On another note, I couldn't replicate the bug.
I also am not able to replicate the actual SQL injection, but I can see where it could happen.
Joel Esler
On Oct 28, 2005, at 9:29 AM, Justin Heath wrote:I haven't seen any mention of this on the list, so I thought I would pass it along. Basic Analysis And Security Engine Base_qry_main.PHP SQL Injection Vulnerability http://www.securityfocus.com/bid/15199/info
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Base 1.2 Vuln Justin Heath (Oct 28)
- RE: [Ntsug-users] Base 1.2 Vuln Patrick Harper (Oct 28)
- Re: [Ntsug-users] Base 1.2 Vuln Justin Heath (Oct 28)
- Re: [Ntsug-users] Base 1.2 Vuln Johnny Hernandez (Nov 01)
- Re: [Ntsug-users] Base 1.2 Vuln Justin Heath (Oct 28)
- Re: Base 1.2 Vuln Joel Esler (Oct 28)
- Re: Base 1.2 Vuln Kevin Johnson (Oct 28)
- RE: Base 1.2 Vuln Patrick Harper (Oct 28)
- RE: [Ntsug-users] Base 1.2 Vuln Patrick Harper (Oct 28)