19 matches found
EUVD-2008-2662
Malware in sbrugna...
SUSE CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
SUSE CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
DEBIAN-CVE-2021-28374
The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user's...
Debian courier-authlib 配置错误漏洞
Debian courier-authlib is a Debian open source application. It provides authentication services for other Courier applications. A misconfiguration vulnerability exists in the Debian courier-authlib package before 0.71.1-2, which stems from the possibility of including plaintext passwords in certa...
Gentoo Security Advisory GLSA 200903-25 (courier-authlib)
The remote host is missing updates announced in advisory GLSA 200903-25. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200809-05 (courier-authlib)
The remote host is missing updates announced in advisory GLSA 200809-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200809-05 : Courier Authentication Library: SQL injection vulnerability
The remote host is affected by the vulnerability described in GLSA-200809-05 Courier Authentication Library: SQL injection vulnerability It has been discovered that some input e.g. the username passed to the library are not properly sanitised before being used in SQL queries. Impact : A remote...
[ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
Gentoo Linux Security Advisory GLSA 200809-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Sql injection
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
DEBIAN-CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...
CVE-2008-2667
CVE-2008-2667 is a SQL injection vulnerability in courier-authlib (courier-authlib) affecting MySQL interface when certain charsets are used, enabling an attacker to inject SQL via the username and related vectors. Multiple advisories (Debian DSA-1688-1/1688-2, openSUSE/Tenable/Nessus listings) c...
FreeBSD : Courier Authentication Library -- SQL Injection (022baf71-38e6-11dd-8d34-00e0815b8da8)
Secunia reports : A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploit...
Courier Authentication Library -- SQL Injection
Secunia reports: A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploite...