PublicDate: 2008-07-07 23:41:00 UTC
Candidate: CVE-2008-2667
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2667
Description:
 SQL injection vulnerability in the Courier Authentication Library (aka
 courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other
 platforms, when MySQL and a non-Latin character set are used, allows remote
 attackers to execute arbitrary SQL commands via the username and
 unspecified other vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_courier-authlib:
upstream_courier-authlib: released (0.60.1-2.1)
dapper_courier-authlib: DNE
feisty_courier-authlib: needed (reached end-of-life)
gutsy_courier-authlib: needed (reached end-of-life)
hardy_courier-authlib: ignored (reached end-of-life)
intrepid_courier-authlib: not-affected (0.61.0-1ubuntu1)
jaunty_courier-authlib: not-affected (0.61.0-1ubuntu1)
karmic_courier-authlib: not-affected (0.61.0-1ubuntu1)
lucid_courier-authlib: not-affected (0.61.0-1ubuntu1)
maverick_courier-authlib: not-affected (0.61.0-1ubuntu1)
natty_courier-authlib: not-affected (0.61.0-1ubuntu1)
oneiric_courier-authlib: not-affected (0.61.0-1ubuntu1)
devel_courier-authlib: not-affected (0.61.0-1ubuntu1)