Candidate: CVE-2009-3042 PublicDate: 2009-09-01 18:30:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3042 Description: SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040. Ubuntu-Description: Notes: Bugs: Priority: medium Discovered-by: Assigned-to: CVSS: Patches_ocsinventory-server: upstream_ocsinventory-server: released (1.02.1-2) dapper_ocsinventory-server: DNE hardy_ocsinventory-server: ignored (reached end-of-life) intrepid_ocsinventory-server: ignored (reached end-of-life) jaunty_ocsinventory-server: ignored (reached end-of-life) karmic_ocsinventory-server: ignored (reached end-of-life) lucid_ocsinventory-server: ignored (reached end-of-life) maverick_ocsinventory-server: ignored (reached end-of-life) natty_ocsinventory-server: ignored (reached end-of-life) oneiric_ocsinventory-server: ignored (reached end-of-life) precise_ocsinventory-server: ignored (reached end-of-life) precise/esm_ocsinventory-server: DNE (precise was needed) quantal_ocsinventory-server: ignored (reached end-of-life) raring_ocsinventory-server: ignored (reached end-of-life) saucy_ocsinventory-server: ignored (reached end-of-life) trusty_ocsinventory-server: not-affected (2.0.5-1.1) trusty/esm_ocsinventory-server: DNE (trusty was not-affected [2.0.5-1.1]) utopic_ocsinventory-server: ignored (reached end-of-life) vivid_ocsinventory-server: ignored (reached end-of-life) vivid/stable-phone-overlay_ocsinventory-server: DNE vivid/ubuntu-core_ocsinventory-server: DNE wily_ocsinventory-server: ignored (reached end-of-life) xenial_ocsinventory-server: not-affected (2.0.5-1.1) yakkety_ocsinventory-server: ignored (reached end-of-life) zesty_ocsinventory-server: ignored (reached end-of-life) artful_ocsinventory-server: ignored (reached end-of-life) bionic_ocsinventory-server: not-affected (2.0.5-1.1) cosmic_ocsinventory-server: not-affected (2.0.5-1.1) devel_ocsinventory-server: not-affected (2.0.5-1.1)