|Title:||INL ulog-php SQL injection|
The remote host is running ulog-php, a firewall log analysis interface
written in PHP.
There is a SQL injection vulnerability in the remote interface, in the
file port.php, which may allow an attacker to insert arbitrary SQL statements
in the remote database. An attacker may exploit this flaw to add bogus
statements in the remote log database, or to remove arbitrary log entries
from the database, thus cleaning his tracks.
Solution : Upgrade to ulog-php 0.8.2 or newer
Risk factor: High
BugTraq ID: 11018|
|Copyright||This script is Copyright (C) 2004 Tenable Network Security|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.