[Dshield] BASE 1.2.1 (kris) released (Security Fix included!)
kjohnson at secureideas.net
Mon Oct 31 00:52:08 GMT 2005
The BASE project team is happy to announce the immediate availability of
the 1.2.1 (kris) release of BASE. This release has a fix for the SQL
injection problem that has haunted ACID and BASE since their inception.
This fix does not address every type of attack vector that exists but
does remove the bulk of the problem. We are currently working on the
next major version of BASE. The 2.0 code base is being completely
rewritten and as such, should not have the issues that plague the
The BASE team would like to remind everyone that this project is a
security tool and as such, remember to use some form of authentication
before allowing people into the system. Either the built in
authentication or a .htaccess file are recommended. Allowing people to
browse your security alerts with out authentication is asking for
If you have any questions or comments please feel free to write us,
Thanks for all of your support!
Kevin Johnson and the BASE project team
BASE Project Lead
The next step in IDS analysis!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20051030/95489058/attachment.bin
More information about the list