1152 matches found
DEBIAN-CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes...
CVE-2008-2380
CVE-2008-2380 affects Courier Authentication Library (courier-authlib). The CVE describes an SQL injection in authpgsqllib.c when using a non-Latin locale Postgres database, allowing exploitation via query parameters containing apostrophes. Public advisories (Gentoo GLSA-200903-25, SUSE/openSUSE ...
Courier-Authlib非拉丁字符处理postgres SQL注入漏洞
BUGTRAQ ID: 32926 CVE ID:CVE-2008-2380 CNCVE ID:CNCVE-20082380 Courier-Authlib是一款Courier验证库。 authpgsqllib.c存在漏洞,如果Postgres数据库使用非拉丁字集,可导致SQL注入攻击。 目前没有详细漏洞细节提供。 Courier Mail Server Courier-Authlib 0.61 Courier Mail Server Courier-Authlib 0.60.6 Courier Mail Server Courier-Authlib 0.60.5 升级程序: Couri...
Debian Security Advisory DSA 126-1 (imp)
The remote host is missing an update to imp announced via advisory DSA 126-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Sql injection
SQL injection vulnerability in the Call Detail Record Postgres logging engine cdrpgsql in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via 1 ANI and 2 DNIS arguments...
CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
DEBIAN-CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2007-6170
SQL injection vulnerability in the Call Detail Record Postgres logging engine cdrpgsql in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via 1 ANI and 2 DNIS arguments...
CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2007-6170
SQL injection vulnerability in the Call Detail Record Postgres logging engine cdrpgsql in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via 1 ANI and 2 DNIS arguments...
CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2007-6171
SQL injection vulnerability in the Postgres Realtime Engine resconfigpgsql in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2007-6171
Vulnerability: CVE-2007-6171 describes an SQL injection in the Postgres Realtime Engine (res_config_pgsql) of Asterisk 1.4.x (before 1.4.15) and Asterisk C.x (before C.1.0-beta6) . Affected component: Postgres Realtime Engine, res_config_pgsql. Root cause / impact: Remote attackers can exploit un...
AST-2007-026 - SQL Injection issue in cdr_pgsql
Asterisk Project Security Advisory - AST-2007-026 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | SQL Injection issue in cdrpgsql |...
AST-2007-025 - SQL Injection issue in res_config_pgsql
Asterisk Project Security Advisory - AST-2007-025 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | SQL Injection issue in resconfigpgsql |...