Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-2380HistoryDec 22, 2008 - 3:30 p.m.
CVE-2008-2380
2008-12-2215:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.004 Low
EPSS
Percentile
75.0%
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
| Debian | 11 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
| Debian | 10 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
| Debian | 999 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
Related
seebug
seebug
Courier-AuthlibιζδΈε符ε€ηpostgres SQL注ε
₯ζΌζ΄
2008-12-22 00:00:00
cvelist
cvelist
CVE-2008-2380
2008-12-22 15:00:00
nessus
nessus
openSUSE 10 Security Update : courier-authlib (courier-authlib-5871)
2008-12-21 00:00:00
GLSA-200903-25 : Courier Authentication Library: SQL Injection vulnerability
2009-03-12 00:00:00
openSUSE Security Update : courier-authlib (courier-authlib-370)
2009-07-21 00:00:00
prion
prion
Sql injection
2008-12-22 15:30:00
openvas
openvas
Gentoo Security Advisory GLSA 200903-25 (courier-authlib)
2009-03-13 00:00:00
Gentoo Security Advisory GLSA 200903-25 (courier-authlib)
2009-03-13 00:00:00
Debian Security Advisory DSA 1688-1 (courier-authlib)
2008-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2008-2380
2008-12-22 00:00:00
gentoo
gentoo
Courier Authentication Library: SQL Injection vulnerability
2009-03-11 00:00:00
cve
cve
CVE-2008-2380
2008-12-22 15:30:00
debian
debian
[SECURITY] [DSA 1688-2] New courier-authlib packages fix regression
2008-12-22 23:22:09
[SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection
2008-12-20 15:37:06
osv
osv
courier-authlib - SQL injection
2008-12-20 00:00:00
securityvulns
securityvulns
courier-autlib authentication library SQL injection
2008-09-07 00:00:00