Описание
SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6342
- http://search.cpan.org/src/DCASTRO/Apache-AuthCAS-0.5/Changes
- http://secunia.com/advisories/29492
- http://securityreason.com/securityalert/3439
- http://www.securityfocus.com/archive/1/484711/100/0/threaded
- http://www.securityfocus.com/archive/1/489993/100/0/threaded
- http://www.securityfocus.com/bid/26762
Связанные уязвимости
nvd
около 18 лет назад
SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the SESSION_COOKIE_NAME (session ID) in a cookie.