CVE-2005-3325

2005-10-2700:00:00

ubuntu.com

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.007

Percentile

79.9%

JSON

Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis
Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php
in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other
console scripts in these products, allow remote attackers to execute
arbitrary SQL commands via the sig[1] parameter and possibly other
parameters.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchacidbase< 1.2.1-4UNKNOWN
ubuntu6.10noarchacidbase< 1.2.1-4UNKNOWN
ubuntu7.04noarchacidbase< 1.2.1-4UNKNOWN
ubuntu7.10noarchacidbase< 1.2.1-4UNKNOWN
ubuntu8.04noarchacidbase< 1.2.1-4UNKNOWN
ubuntu6.06noarchacidlab< 0.9.6b20-13ubuntu1UNKNOWN
ubuntu6.10noarchacidlab< 0.9.6b20-13ubuntu1UNKNOWN
ubuntu7.10noarchacidlab< 0.9.6b20-13ubuntu1UNKNOWN
ubuntu8.04noarchacidlab< 0.9.6b20-13ubuntu1UNKNOWN
ubuntu7.10noarchphp-xajax< 0.2.5-2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	acidbase	< 1.2.1-4	UNKNOWN
ubuntu	6.10	noarch	acidbase	< 1.2.1-4	UNKNOWN
ubuntu	7.04	noarch	acidbase	< 1.2.1-4	UNKNOWN
ubuntu	7.10	noarch	acidbase	< 1.2.1-4	UNKNOWN
ubuntu	8.04	noarch	acidbase	< 1.2.1-4	UNKNOWN
ubuntu	6.06	noarch	acidlab	< 0.9.6b20-13ubuntu1	UNKNOWN
ubuntu	6.10	noarch	acidlab	< 0.9.6b20-13ubuntu1	UNKNOWN
ubuntu	7.10	noarch	acidlab	< 0.9.6b20-13ubuntu1	UNKNOWN
ubuntu	8.04	noarch	acidlab	< 0.9.6b20-13ubuntu1	UNKNOWN
ubuntu	7.10	noarch	php-xajax	< 0.2.5-2	UNKNOWN