SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
Debian | 11 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
Debian | 10 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |
Debian | 999 | all | courier-authlib | <Β 0.61.0-1+lenny1 | courier-authlib_0.61.0-1+lenny1_all.deb |