Описание
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.5 (включая)
Одновременно
cpe:2.3:a:mod_authnz_external_project:mod_authnz_external:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02343
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
ubuntu
больше 14 лет назад
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
debian
больше 14 лет назад
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_e ...
github
больше 3 лет назад
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
EPSS
Процентиль: 84%
0.02343
Низкий
7.5 High
CVSS2
Дефекты
CWE-89