26 matches found
EUVD-2018-1804
Malware in sbrugna...
EUVD-2018-1805
Malware in sbrugna...
EUVD-2018-1803
Malware in sbrugna...
Security Onion - Linux Distro For IDS, NSM, And Log Management
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wiza...
Security Onion Solutions Squert Command Execution Vulnerability
Security Onion Solutions Squert is a web application for querying and viewing event data stored in the Shuil database. A security vulnerability exists in the .inc/callback.php file in Security Onion Solutions Squert versions 1.3.0 through 1.6.7. An attacker can exploit the vulnerability by sendin...
Security Onion Solutions Squert Command Execution Vulnerability (CNVD-2018-05761)
Security Onion Solutions Squert is a web application for querying and viewing event data stored in the Shuil database. A security vulnerability exists in the .inc/callback.php file in Security Onion Solutions Squert versions 1.0.1 through 1.6.7. The vulnerability can be exploited to execute...
CVE-2018-1000044
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec. Th...
CVE-2018-1000043
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
CVE-2018-1000042
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
CVE-2018-1000042
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
CVE-2018-1000044
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec. Th...
CVE-2018-1000043
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
Command injection
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
Sql injection
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec. Th...
Command injection
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
CVE-2018-1000042
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command OS Command Injection vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web reques...
CVE-2018-1000044
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec. Th...
CVE-2018-1000042
CVE-2018-1000042 affects Security Onion Solutions Squert versions 1.3.0 through 1.6.7. The vulnerability is CWE-78 (OS Command Injection) in the .inc/callback.php file, allowing execution of OS commands when a web request with payloads in the data or obj parameters is processed by autocat(). The ...
CVE-2018-1000043
Security Onion Solutions Squert versions 1.0.1–1.6.7 are affected by CVE-2018-1000043, a CWE-78 OS Command Injection in .inc/callback.php. An attacker can exploit this via an HTTP request containing a payload in the txdata parameter (used in tx()/transcript()) or the catdata parameter (used in ca...
CVE-2018-1000044
Security Onion Solutions Squert versions 1.1.1–1.6.7 contain a SQL injection in .inc/callback.php that can lead to execution of SQL commands via a web request with the payload in the sensors parameter (via ec()). The issue is fixed in version 1.7.0. Affected product: Squert; vulnerable component:...