Lucene search

K

MitreCVELIST:CVE-2008-2384

HistoryJan 22, 2009 - 6:00 p.m.

CVE-2008-2384

2009-01-2218:00:00

mitre

www.cve.org

8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.9%

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

References

klecker.debian.org/~white/mod-auth-mysql/CVE-2008-2384_mod-auth-mysql.patch

lists.fedoraproject.org/pipermail/package-announce/2011-February/053899.html

lists.fedoraproject.org/pipermail/package-announce/2011-February/053903.html

openwall.com/lists/oss-security/2009/01/21/10

secunia.com/advisories/33627

secunia.com/advisories/43302

www.redhat.com/support/errata/RHSA-2009-0259.html

www.redhat.com/support/errata/RHSA-2010-1002.html

www.securityfocus.com/bid/33392

www.vupen.com/english/advisories/2009/0226

www.vupen.com/english/advisories/2011/0367

bugzilla.redhat.com/show_bug.cgi?id=480238

exchange.xforce.ibmcloud.com/vulnerabilities/48163

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10172

8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.9%

Related for CVELIST:CVE-2008-2384

nessus12 openvas12 prion1 redhat2 cve1 nvd1 oraclelinux2 seebug1 fedora2 ubuntucve1