MDVSA-2009:189
- Package name
- apache-mod_auth_mysql
- Date
- 2009-08-01
- Advisory ID
- MDVSA-2009:189
- Affected versions
- 2009.0 x86_64 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586
Problem description
A vulnerability has been found and corrected in mod_auth_mysql:
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql
(aka libapache2-mod-auth-mysql) module for the Apache HTTP Server
2.x allows remote attackers to execute arbitrary SQL commands via
multibyte character encodings for unspecified input (CVE-2008-2384).
This update provides fixes for this vulnerability.
Updated packages
2009.0 x86_64
3095cb9c81915e594ec4109ca79cc6b7 2009.0/x86_64/apache-mod_auth_mysql-3.0.0-17.1mdv2009.0.x86_64.rpm 5e32f9eceb68760512a08343b680d87f 2009.0/SRPMS/apache-mod_auth_mysql-3.0.0-17.1mdv2009.0.src.rpm
2009.0 i586
2449a104b728fa046695fc275f8e12a6 2009.0/i586/apache-mod_auth_mysql-3.0.0-17.1mdv2009.0.i586.rpm 5e32f9eceb68760512a08343b680d87f 2009.0/SRPMS/apache-mod_auth_mysql-3.0.0-17.1mdv2009.0.src.rpm
CS4.0 i586
0a81210d2ed08e9687635f38f23b67f3 corporate/4.0/i586/apache-mod_auth_mysql-3.0.0-5.1.20060mlcs4.i586.rpm 65550cc56b4e9f808119c0de2ebaec47 corporate/4.0/SRPMS/apache-mod_auth_mysql-3.0.0-5.1.20060mlcs4.src.rpm
CS4.0 x86_64
86e8313568d27765f1968f5e29cff658 corporate/4.0/x86_64/apache-mod_auth_mysql-3.0.0-5.1.20060mlcs4.x86_64.rpm 65550cc56b4e9f808119c0de2ebaec47 corporate/4.0/SRPMS/apache-mod_auth_mysql-3.0.0-5.1.20060mlcs4.src.rpm
2008.1 x86_64
e0ef6a82166a4c51c73df1a123cadc55 2008.1/x86_64/apache-mod_auth_mysql-3.0.0-15.1mdv2008.1.x86_64.rpm c593e9a6de76eb26171d0a1a761be234 2008.1/SRPMS/apache-mod_auth_mysql-3.0.0-15.1mdv2008.1.src.rpm
2008.1 i586
8fad04a01d1c8f81341281d22cb15631 2008.1/i586/apache-mod_auth_mysql-3.0.0-15.1mdv2008.1.i586.rpm c593e9a6de76eb26171d0a1a761be234 2008.1/SRPMS/apache-mod_auth_mysql-3.0.0-15.1mdv2008.1.src.rpm