logo
DATABASE RESOURCES PRICING ABOUT US

GLSA-201110-23 : Apache mod_authnz_external: SQL injection

Description

The remote host is affected by the vulnerability described in GLSA-201110-23 (Apache mod_authnz_external: SQL injection) mysql/mysql-auth.pl in mod_authnz_external does not properly sanitize input before using it in a SQL query. Impact : A remote attacker could exploit this vulnerability to inject arbitrary SQL statements by using a specially crafted username for HTTP authentication on a site using mod_authnz_external. Workaround : There is no known workaround at this time.


Related