Описание
SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 0.61.0-1ubuntu1 |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | not-affected | 0.61.0-1ubuntu1 |
| jaunty | not-affected | 0.61.0-1ubuntu1 |
| karmic | not-affected | 0.61.0-1ubuntu1 |
| lucid | not-affected | 0.61.0-1ubuntu1 |
| maverick | not-affected | 0.61.0-1ubuntu1 |
Показывать по
Ссылки на источники
EPSS
5.1 Medium
CVSS2
Связанные уязвимости
SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
SQL injection vulnerability in the Courier Authentication Library (aka ...
SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
EPSS
5.1 Medium
CVSS2