Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.19 views

openSUSE Security Update : courier-authlib (courier-authlib-42)

This update of courier-authlib fixes a bug that allowed SQL injections. CVE-2008-2667 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-42. The text description of this plugin is...

5.1CVSS5.3AI score0.01529EPSS
Exploits0References2
Debian
Debian
added 2008/12/22 11:18 p.m.21 views

[SECURITY] [DSA 1688-2] New courier-authlib packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1688-2 [email protected] http://www.debian.org/security/ Steffen Joeris December 22, 2008 http://www.debian.org/security/faq -...

5.1CVSS7.5AI score0.01816EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/12/21 12:0 a.m.19 views

Debian DSA-1688-1 : courier-authlib - SQL injection

Two SQL injection vulnerabilities have been found in courier-authlib, the courier authentification library. The MySQL database interface used insufficient escaping mechanisms when constructing SQL statements, leading to SQL injection vulnerabilities if certain charsets are used CVE-2008-2380 . A...

5.1CVSS5.6AI score0.01816EPSS
Exploits1References5
Debian
Debian
added 2008/12/20 3:21 p.m.15 views

[SECURITY] [DSA 1688-1] New courier-authlib packages fix SQL injection

------------------------------------------------------------------------ Debian Security Advisory DSA-1688 [email protected] http://www.debian.org/security/ Steffen Joeris December 20, 2008 http://www.debian.org/security/faq -...

5.1CVSS7.6AI score0.01816EPSS
Exploits1
OSV
OSV
added 2008/12/20 12:0 a.m.16 views

DSA-1688-1 courier-authlib - SQL injection

Bulletin has no description...

5.1CVSS5.9AI score0.01816EPSS
Exploits1
securityvulns
securityvulns
added 2008/09/07 12:0 a.m.35 views

[ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability

Gentoo Linux Security Advisory GLSA 200809-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

5.1CVSS7.2AI score0.01529EPSS
Exploits0
OSV
OSV
added 2008/07/07 11:41 p.m.4 views

CVE-2008-2667

SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...

8.1AI score
Exploits0References9
CVE
CVE
added 2008/07/07 11:0 p.m.58 views

CVE-2008-2667

CVE-2008-2667 is a SQL injection vulnerability in courier-authlib (courier-authlib) affecting MySQL interface when certain charsets are used, enabling an attacker to inject SQL via the username and related vectors. Multiple advisories (Debian DSA-1688-1/1688-2, openSUSE/Tenable/Nessus listings) c...

5.1CVSS8AI score0.01529EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/06/19 12:0 a.m.25 views

openSUSE 10 Security Update : courier-authlib (courier-authlib-5352)

This update of courier-authlib fixes a bug that allowed SQL injections. CVE-2008-2667 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update courier-authlib-5352. The text description of this plugin ...

5.1CVSS5.3AI score0.01529EPSS
Exploits0References1
Rows per page
Query Builder