https://www.exploit-db.com/exploits/21384
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200207-019

DemarcPureSecure是一款商业的Snort图型前端程序，可以对网络进行集中监视。Snort是开放源代码网络入侵检测系统(NIDS);DemarcPureSecure可以运行在Linux和Unix操作系统下，也可以运行在MicrosoftWindowsNT/2000/XP操作系统下。DemarcPureSecure对用于验证的用户输入数据内容没有充分的检查，可导致攻击者插入SQL查询无需验证访问管理接口。攻击者可以把SQL查询插入到cookies中的s_key变量中绕过验证并对管理员接口进行访问。

source: http://www.securityfocus.com/bid/4520/info

Demarc PureSecure is a commercially available graphical front-end for Snort, in addition to being a generalized network monitoring solution. Snort is an open-source NIDS (Network Intrusion Detection System). Demarc PureSecure will run on most Linux and Unix variants, as well as Microsoft Windows NT/2000/XP operating systems.

A vulnerability has been reported in some versions of PureSecure. User supplied input is used to construct a SQL statement, allowing SQL injection attacks. Administrative access may be gained through exploitation of this flaw.

curl -b s_key='%20OR%20current_session_id%20like%20'%'%23 https://<lame host>/dm/demarc

来源:BID
名称:4520
链接:http://www.securityfocus.com/bid/4520
来源:XF
名称:puresecure-sql-injection(8854)
链接:http://www.iss.net/security_center/static/8854.php
来源:BUGTRAQ
名称:20020417DemarcSecurityUpdateAdvisory
链接:http://online.securityfocus.com/archive/1/267941
来源:BUGTRAQ
名称:20020415DemarcPureSecure1.05maybeother(usercanbypasslogin)
链接:http://archives.neohapsis.com/archives/bugtraq/2002-04/0168.html
来源:OSVDB
名称:5239
链接:http://www.osvdb.org/5239