Synopsis
The remote web server contains a PHP script that is vulnerable to SQL injection attacks.
Description
The remote host is running ulog-php, a firewall log analysis interface written in PHP.
The 'port.php' script in the remote interface contains a SQL injection vulnerability that may allow an attacker to insert arbitrary SQL statements into the remote database. An attacker may exploit this flaw to add bogus statements to the remote log database or to remove arbitrary log entries from it, thereby covering their tracks.
Solution
Upgrade to ulog-php 0.8.2 or later.
Plugin Details
File Name: ulog_php_sql_injection.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Reference Information
BID: 11018