SQL Injection and BASE (Basic Analysis And Security Engine)

OtagoHarbour · 09-29-2013, 04:09 PM

I am using Debian 7.0 and am thinking of installing BASE (Basic Analysis And Security Engine) in order to handle the horrendously long Alert files generated by Snort.

One thing that makes hesitant is that I saw this article about SQL injection vulnerability with BASE. It seems that the problem may be fixed.

Does anyone know anything about this?

Thanks,
OH.

unSpawn · 09-29-2013, 06:38 PM

Quote:

Originally Posted by OtagoHarbour

It seems that the problem may be fixed. Does anyone know anything about this?

What's unclear about the message? It clearly reads "The vendor has released Basic Analysis and Security Engine version 1.2.1 to address this issue.".

*Apart from that BASE is a log reporting tool and IMNSHO any management interfaces should have secure and restricted access only.

OtagoHarbour · 09-29-2013, 09:55 PM

Quote:

Originally Posted by unSpawn

*Apart from that BASE is a log reporting tool and IMNSHO any management interfaces should have secure and restricted access only.

It says it's web based and uses PHP. Does that mean it sends the data to a remote site? It does seem to use a local database. I thought the PHP could be used for local display.

unSpawn · 09-30-2013, 01:36 AM

Quote:

Originally Posted by OtagoHarbour

It says it's web based and uses PHP. Does that mean it sends the data to a remote site?

No, it means it's a web-based log analysis front end. Which average users should not be able to access.