CVE-2005-1824

2005-06-02T04:00:00
ID CVE-2005-1824
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:50:00

Description

The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.