1
Candidate: CVE-2013-5321
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5321
5
http://www.exploit-db.com/exploits/26406
7
Multiple SQL injection vulnerabilities in AlienVault Open Source Security
8
Information Management (OSSIM) 4.1 allow remote attackers to execute
9
arbitrary SQL commands via the (1) sensor parameter in a Query action to
10
forensics/base_qry_main.php; the (2) tcp_flags[] or (3) tcp_port[0][4]
11
parameter to forensics/base_stat_alerts.php; the (4) ip_addr[1][8] or (5)
12
port_type parameter to forensics/base_stat_ports.php; or the (6) sortby or
13
(7) rvalue parameter in a search action to vulnmeter/index.php.
18
Discovered-by: Glafkos Charalambous
22
upstream_ossim: needed
23
lucid_ossim: ignored (reached end-of-life)
24
precise_ossim: ignored (reached end-of-life)
25
precise/esm_ossim: DNE (precise was needed)
26
quantal_ossim: ignored (reached end-of-life)
27
raring_ossim: ignored (reached end-of-life)
28
saucy_ossim: ignored (reached end-of-life)
30
utopic_ossim: ignored (reached end-of-life)
31
vivid_ossim: ignored (reached end-of-life)
32
vivid/stable-phone-overlay_ossim: DNE
33
vivid/ubuntu-core_ossim: DNE
34
wily_ossim: ignored (reached end-of-life)
36
yakkety_ossim: ignored (reached end-of-life)
37
zesty_ossim: ignored (reached end-of-life)