Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-2384

Опубликовано: 22 янв. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

РелизСтатусПримечание
dapper

not-affected

no encoding support
devel

DNE

gutsy

not-affected

no encoding support
hardy

not-affected

no encoding support
intrepid

DNE

upstream

released

4.3.9-11

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

4.3.9-11
gutsy

DNE

hardy

DNE

intrepid

not-affected

no encoding support
upstream

released

4.3.9-11

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%
0.04987
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-2384

redhat
больше 16 лет назад

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

nvd логотип

CVE-2008-2384

nvd
больше 16 лет назад

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

debian логотип

CVE-2008-2384

debian
больше 16 лет назад

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql ...

github логотип

GHSA-vm9x-63j8-h9j9

github
около 3 лет назад

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

oracle-oval логотип

ELSA-2010-1002

oracle-oval
больше 14 лет назад

ELSA-2010-1002: mod_auth_mysql security update (MODERATE)

EPSS

Процентиль: 89%
0.04987
Низкий

7.5 High

CVSS2