CVE-2009-3040
Published: 2009-09-01
Priority: P3 · 44 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.42% (69.5th percentile)
Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to group_show.php.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ocsinventory-server | < ocsinventory-server 1.02.1-2 (bookworm) | ocsinventory-server 1.02.1-2 (bookworm) |
| ocsinventory-ng | ocs_inventory_ng | — | — |
| ocsinventory-ng | ocs_inventory_ng | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | LOW | — |
| vendor_redhat | — | 7.5 | HIGH | — |
GHSA
GHSA-4fhc-2vjg-rx26: Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1
ghsa_unreviewed · 2022-05-02 · CVE-2009-3040 · HIGH · CWE-89
GHSA
GHSA-9qj6-5wm9-wp55: SQL injection vulnerability in machine
ghsa_unreviewed · 2022-05-02 · CVE-2009-3042 · HIGH · CWE-89 · CVSS 7.5
SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040.
OSV
CVE-2009-3042: SQL injection vulnerability in machine
osv · 2009-09-01 · HIGH · CVSS 7.5
OSV
CVE-2009-3040: Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1
osv · 2009-09-01 · HIGH · CVSS 7.5
Red Hat
NG: SQL injection in machine blacklisting
vendor_redhat · 2009-08-11 · CVE-2009-3042 · HIGH · CVSS 7.5
Red Hat
ocsinventory: multiple SQL injection vulnerabilities
vendor_redhat · 2009-05-30 · CVE-2009-3040 · HIGH · CVSS 7.5
Debian
CVE-2009-3042: ocsinventory-server - SQL injection vulnerability in machine.php in Open Computer and Software (OCS) I...
vendor_debian · 2009 · HIGH · CVSS 7.5
Scope: local
bookworm: resolved (fixed in 1.02.1-2)
bullseye: resolved (fixed in 1.02.1-2)
sid: resolved (fixed in 1.02.1-2)
Debian
CVE-2009-3040: ocsinventory-server - Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inven...
vendor_debian · 2009 · HIGH · CVSS 7.5
Scope: local
bookworm: resolved (fixed in 1.02.1-2)
bullseye: resolved (fixed in 1.02.1-2)
sid: resolved (fixed in 1.02.1-2)
No detection rules found.
Bugzilla
CVE-2009-3040 ocsinventory: multiple SQL injection vulnerabilities
bugzilla · 2009-09-01 · HIGH · CVSS 7.5
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3040 to
the following vulnerability:
Name: CVE-2009-3040
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3040
Assigned: 20090901
Reference: BUGTRAQ:20090530 OCS Inventory NG 1.02 - Multiple SQL Injections
Reference: URL: http://www.securityfocus.com/archive/1/archive/1/503936/100/0/threaded
Reference: MISC: http://www.leidecker.info/advisories/2009-05-30-ocs_inventory_ng_sql_injection.shtml
Reference: CONFIRM: http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01returnid=72
Multiple SQL injection vulnerabilities in Open Computer and Software
(OCS) Inventory NG 1.02 for Unix allow remote attackers to
Bugzilla
OCS Inventory NG: SQL injection in machine blacklisting
bugzilla · 2009-08-17 · MEDIUM
A SQL injection flaw was found in the way OCS Inventory NG used to process
machine blacklisting based on MAC addresses. A remote attacker (valid OCS NG
user) could issue a specially-crafted HTTP request, leading to sensitive
information disclosure or, potentially, to arbitrary SQL code execution.
References:
http://seclists.org/fulldisclosure/2009/Aug/0143.html
http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=147&cntnt01returnid=15
PoC:
----
http://localhost/ocsreports/machine.php?systemid=1)%20union%20select%201,2,user( ),3,5,6,7,8,9,10,11,12,passwd,14,15,16,17,18,id,20,21,22,23,24,25,26,27,27,version()%20from%20operators%20--
Upstream patch:
http://ocsinventory.svn.sourceforge.net/viewvc/ocsinv
References:
http://www.leidecker.info/advisories/2009-05-30-ocs_inventory_ng_sql_injection.shtml
http://www.ocsinventory-ng.org/index.php?mact=News%2Ccntnt01%2Cdetail%2C0&cntnt01articleid=140&cntnt01returnid=72
http://www.securityfocus.com/archive/1/503936/100/0/threaded