{"vuid":"VU#372797","idnumber":"372797","name":"WebEOC contains multiple SQL injection vulnerabilities","keywords":["WebEOC SQL Injection","Database","arbitrary code"],"overview":"WebEOC contains multiple SQL injection vulnerabilities that may allow attackers to execute sql queries, potentially viewing or modifying data, or executing database commands.","clean_desc":"WebEOC is a web-based crisis information management application that provides functions to gather, coordinate, and disseminate information between emergency personnel and Emergency Operations Centers (EOC). WebEOC does not properly filter user input, allowing a remote attacker to supply SQL commands that may be executed by the underlying database.","impact":"A remote attacker may be able to execute SQL queries on a server, possibly with elevated privileges. As a result, attackers may be able to view or modify the contents of a WebEOC database, including authentication and sensitive medical information.","resolution":"Upgrade \nVersion 6.0.2 corrects this vulnerability. According to ESi: Specific validation checks have been added to all input fields that appeared to be susceptible to SQL injection or cross-site scripting attacks to protect input fields against SQL injection or XSS attempts. In addition, all function parameters are validated in the application business logic. The validation process replaces ' with '' for String parameters, and for numeric parameters it verifies that the parameter is numeric. Such checks are a good first line of defense against SQL injection attacks. To obtain WebEOC upgrades, contact ESi Technical Support.","workarounds":"","sysaffected":"","thanks":"This document is based on technical analysis by IOActive and additional information from ESi. Thanks also to the City of Seattle for bringing this to our attention.","author":"This document was written by Jeff Gennari.","public":["http://www.esi911.com/esi/products/webeoc.shtml","http://www.esi911.com/esi/support/support.htm","http://secunia.com/advisories/16075/"],"cveids":["CVE-2005-2284"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-03-09T21:39:43Z","publicdate":"2005-07-13T00:00:00Z","datefirstpublished":"2005-07-13T14:59:44Z","dateupdated":"2005-07-20T02:40:06Z","revision":34,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"5","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"15","cam_impact":"12","cam_easeofexploitation":"13","cam_attackeraccessrequired":"15","cam_scorecurrent":"5.265","cam_scorecurrentwidelyknown":"15.136875","cam_scorecurrentwidelyknownexploited":"28.299375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.265,"vulnote":null}