22 matches found
EUVD-2008-2662
Malware in sbrugna...
SUSE CVE-2005-3532
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pamtally, does not call the pamacctmgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled...
SUSE CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
SUSE CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
DEBIAN-CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
UBUNTU-CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
Debian courier-authlib 配置错误漏洞
Debian courier-authlib is a Debian open source application. It provides authentication services for other Courier applications. A misconfiguration vulnerability exists in the Debian courier-authlib package before 0.71.1-2, which stems from the possibility of including plaintext passwords in certa...
Gentoo Security Advisory GLSA 200903-25 (courier-authlib)
The remote host is missing updates announced in advisory GLSA 200903-25. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Courier Authentication Library: SQL Injection vulnerability
Background The Courier Authentication Library is a generic authentication API that encapsulates the process of validating account passwords. Description It has been reported that some parameters used in SQL queries are not properly sanitized before being processed when using a non-Latin locale...
Gentoo Security Advisory GLSA 200809-05 (courier-authlib)
The remote host is missing updates announced in advisory GLSA 200809-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200809-05 : Courier Authentication Library: SQL injection vulnerability
The remote host is affected by the vulnerability described in GLSA-200809-05 Courier Authentication Library: SQL injection vulnerability It has been discovered that some input e.g. the username passed to the library are not properly sanitised before being used in SQL queries. Impact : A remote...
[ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
Gentoo Linux Security Advisory GLSA 200809-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
Sql injection
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
DEBIAN-CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
CVE-2008-2667 is a SQL injection vulnerability in courier-authlib (courier-authlib) affecting MySQL interface when certain charsets are used, enabling an attacker to inject SQL via the username and related vectors. Multiple advisories (Debian DSA-1688-1/1688-2, openSUSE/Tenable/Nessus listings) c...