Описание
ELSA-2009-0259: mod_auth_mysql security update (MODERATE)
[3.0.0-3.2]
- add security fix for CVE-2008-2384 (#480613)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
mod_auth_mysql
3.0.0-3.2.el5_3
Oracle Linux x86_64
mod_auth_mysql
3.0.0-3.2.el5_3
Oracle Linux i386
mod_auth_mysql
3.0.0-3.2.el5_3
Связанные CVE
Связанные уязвимости
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.