S-189: SQL Injectionin Cisco Unified Communications Manager

02-15-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

S-189: SQL Injectionin Cisco Unified Communications Manager

Cisco Unified Communications Manager is vulnerable to a SQL Injection attack in the parameter key of the admin and user interface pages. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database. The risk is LOW. An authenticated attacker may be able to exploit this vulnerability to extract records from the Cisco Unified Communications Manager database. A successful attack might retrieve sensitive data such as user names, passwords hashes, and information from call records. An attacker cannot use this vulnerability to alter or delete call record information from the database.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

SQL::Translator::Schema::View(3pm) User Contributed Perl Documentation SQL::Translator::Schema::View(3pm) NAME
SQL::Translator::Schema::View - SQL::Translator view object SYNOPSIS
use SQL::Translator::Schema::View; my $view = SQL::Translator::Schema::View->new( name => 'foo', # name, required sql => 'select id, name from foo', # SQL for view fields => 'id, name', # field names in view ); DESCRIPTION
"SQL::Translator::Schema::View" is the view object. METHODS
new Object constructor. my $view = SQL::Translator::Schema::View->new; fields Gets and set the fields the constraint is on. Accepts a string, list or arrayref; returns an array or array reference. Will unique the field names and keep them in order by the first occurrence of a field name. $view->fields('id'); $view->fields('id', 'name'); $view->fields( 'id, name' ); $view->fields( [ 'id', 'name' ] ); $view->fields( qw[ id name ] ); my @fields = $view->fields; tables Gets and set the tables the SELECT mentions. Accepts a string, list or arrayref; returns an array or array reference. Will unique the table names and keep them in order by the first occurrence of a field name. $view->tables('foo'); $view->tables('foo', 'bar'); $view->tables( 'foo, bar' ); $view->tables( [ 'foo', 'bar' ] ); $view->tables( qw[ foo bar ] ); my @tables = $view->tables; options Gets and sets a list of options on the view. $view->options('ALGORITHM=UNDEFINED'); my @options = $view->options; is_valid Determine whether the view is valid or not. my $ok = $view->is_valid; name Get or set the view's name. my $name = $view->name('foo'); order Get or set the view's order. my $order = $view->order(3); sql Get or set the view's SQL. my $sql = $view->sql('select * from foo'); schema Get or set the view's schema object. $view->schema( $schema ); my $schema = $view->schema; equals Determines if this view is the same as another my $isIdentical = $view1->equals( $view2 ); AUTHOR
Ken Youens-Clark <kclark@cpan.org>. perl v5.14.2 2012-05-01 SQL::Translator::Schema::View(3pm)

Security Advisories (RSS)

S-189: SQL Injectionin Cisco Unified Communications Manager

LEARN ABOUT DEBIAN

sql::translator::schema::view