Описание
ELSA-2010-1002: mod_auth_mysql security update (MODERATE)
[1:3.0.0-11.1]
- add security fix for CVE-2008-2384 (#663617)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
mod_auth_mysql
3.0.0-11.el6_0.1
Oracle Linux i686
mod_auth_mysql
3.0.0-11.el6_0.1
Oracle Linux sparc64
mod_auth_mysql
3.0.0-11.el6_0.1
Связанные CVE
Связанные уязвимости
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.