You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@impala.apache.org by "Jim Apple (JIRA)" <ji...@apache.org> on 2018/11/19 21:31:00 UTC
[jira] [Deleted] (IMPALA-7859) Nessus Scan find CGI Generic SQL
Injection.
[ https://issues.apache.org/jira/browse/IMPALA-7859?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jim Apple deleted IMPALA-7859:
------------------------------
> Nessus Scan find CGI Generic SQL Injection.
> -------------------------------------------
>
> Key: IMPALA-7859
> URL: https://issues.apache.org/jira/browse/IMPALA-7859
> Project: IMPALA
> Issue Type: Bug
> Reporter: Donghui Xu
> Priority: Major
>
> The nessus scan report shows that the 25000 port and the 25020 port contain the risk of SQL injection, as follows:
> + The following resources may be vulnerable to blind SQL injection :
> + The 'object_type' parameter of the /catalog_object CGI :
> /catalog_object?object_name=_impala_builtins&object_type=DATABASEzz_impa
> la_builtins&object_type=DATABASEyy
> How can I solve this problem? Thanks.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)