Paketname
apache-mod_auth_mysql
Datum
2009-12-28
Advisory ID
MDVSA-2009:189-1
Betroffene Versionen
2008.0 i586 , 2008.0 x86_64

Problembeschreibung

A vulnerability has been found and corrected in mod_auth_mysql:

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql
(aka libapache2-mod-auth-mysql) module for the Apache HTTP Server
2.x allows remote attackers to execute arbitrary SQL commands via
multibyte character encodings for unspecified input (CVE-2008-2384).

This update provides fixes for this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.

Aktualisierte Pakete

2008.0 i586

 44a2b5042c52770dd7c4e39364ca8dd8  2008.0/i586/apache-mod_auth_mysql-3.0.0-13.1mdv2008.0.i586.rpm 
 c5e4769d47f9ce3bd52b0e4f257a0b13  2008.0/SRPMS/apache-mod_auth_mysql-3.0.0-13.1mdv2008.0.src.rpm

2008.0 x86_64

 57c24a76715bf8e94b014403a73e2412  2008.0/x86_64/apache-mod_auth_mysql-3.0.0-13.1mdv2008.0.x86_64.rpm 
 c5e4769d47f9ce3bd52b0e4f257a0b13  2008.0/SRPMS/apache-mod_auth_mysql-3.0.0-13.1mdv2008.0.src.rpm

Referenzen