SNS Vulnerability

Debian Security Update Fixes Doctrine Remote SQL Injection Vulnerability

Description

A vulnerability has been identified in Debian, which could be exploited by attackers to manipulate and inject SQL queries. This issue is caused by an input validation error in the "Doctrine/DBAL/Platforms/AbstractPlatform::modifyLimitQuery()" function when processing user-supplied data, which could be exploited by malicious people to conduct SQL injection attacks.

Vulnerable Products

Vulnerable Software:
Debian GNU/Linux squeeze

Solution

Debian GNU/Linux squeeze - Upgrade to doctrine version 1.2.2-2+squeeze1

CVE

CVE-2011-1522

References

http://www.doctrine-project.org/blog/doctrine-security-fix

Vulnerability Manager Detection

IPS Protection

ASQ Engine alarm	Available Since
SQL injection Prevention - GET : suspicious OR statement in URL	3.2.0
SQL injection Prevention - POST : suspicious SELECT statement in data	3.2.0
SQL injection Prevention - GET : suspicious combination of 'OR' or 'AND' statements in URL	3.2.0
SQL injection Prevention - POST : possible version probing in data	3.2.0
SQL injection Prevention - GET : suspicious CREATE statement in URL	3.2.0
SQL injection Prevention - GET : suspicious CAST statement in URL	3.2.0
SQL injection Prevention - GET : suspicious OPENROWSET statement in URL	3.2.0
SQL injection Prevention - GET : suspicious DECLARE statement in URL	3.2.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	3.2.0
SQL injection Prevention - POST : suspicious CREATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UPDATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UNION statement in data	3.2.0
SQL injection Prevention - GET : suspicious OPENQUERY statement in URL	3.2.0
SQL injection Prevention - GET : suspicious shutdown statement in URL	3.2.0
SQL injection Prevention - GET : suspicious UNION SELECT statement in URL	3.2.0
SQL injection Prevention - POST : suspicious DROP statement in data	3.2.0
SQL injection Prevention - GET : possible database version probing	3.2.0
SQL injection Prevention - POST : suspicious INSERT statement in data	3.2.0
SQL injection Prevention - POST : suspicious OR statement in data	3.2.0
SQL injection Prevention - GET : suspicious UPDATE SET statement in URL	3.2.0
SQL injection Prevention - POST : suspicious EXEC statement in data	3.2.0
SQL injection Prevention - GET : suspicious SELECT statement in URL	3.2.0
SQL injection Prevention - GET : suspicious INSERT statement in URL	3.2.0
SQL injection Prevention - GET : suspicious DROP statement in URL	3.2.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	3.2.0
SQL injection Prevention - GET : suspicious EXEC statement in URL	3.2.0
SQL injection Prevention - GET : block comment delimiters in URL	3.2.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	3.2.0
SQL injection Prevention - POST : suspicious HAVING statement in data	3.2.0
SQL injection Prevention - POST : suspicious CAST statement in data	3.2.0
SQL injection Prevention - Cookie : suspicious DROP statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious CREATE statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious OPENQUERY statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious DECLARE statement in Cookie	3.5.0
SQL injection Prevention - Cookie : possible version probing in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious INSERT statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious OPENROWSET statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious EXEC statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious UNION statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious HAVING statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious SELECT statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious CAST statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious UPDATE statement in Cookie	3.5.0
SQL injection Prevention - Cookie : suspicious OR statement in Cookie	3.5.0
SQL injection Prevention - GET : suspicious SQL statement in header	4.0.0
SQL injection Prevention - Cookie : suspicious DROP statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious EXEC statement in Cookie	4.1.2
SQL injection Prevention - Cookie : possible version probing in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious CAST statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious SELECT statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious CREATE statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious HAVING statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious OPENQUERY statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious OR statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious DECLARE statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious INSERT statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious UPDATE statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious OPENROWSET statement in Cookie	4.1.2
SQL injection Prevention - Cookie : suspicious UNION statement in Cookie	4.1.2
SQL injection Prevention - POST : suspicious UPDATE statement in data	5.0.0
SQL injection Prevention - POST : suspicious SELECT statement in data	5.0.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	5.0.0
SQL injection Prevention - POST : suspicious CAST statement in data	5.0.0
SQL injection Prevention - POST : suspicious EXEC statement in data	5.0.0
SQL injection Prevention - POST : suspicious CREATE statement in data	5.0.0
SQL injection Prevention - POST : suspicious INSERT statement in data	5.0.0
SQL injection Prevention - POST : suspicious DROP statement in data	5.0.0
SQL injection Prevention - POST : suspicious HAVING statement in data	5.0.0
SQL injection Prevention - POST : suspicious UNION statement in data	5.0.0
SQL injection Prevention - POST : suspicious OR statement in data	5.0.0
SQL injection Prevention - POST : possible version probing in data	5.0.0

Risk level

Moderate

Vulnerability First Public Report Date

2011-04-22

Target Type

Server

Possible exploit

Local & Remote