Candidate: CVE-2011-2688
PublicDate: 2011-07-28 18:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2688
Description:
 SQL injection vulnerability in mysql/mysql-auth.pl in the
 mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server
 allows remote attackers to execute arbitrary SQL commands via the user
 field.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libapache2-mod-authnz-external:
 vendor: http://www.debian.org/security/2011/dsa-2279
upstream_libapache2-mod-authnz-external: released (3.2.4-2.1)
hardy_libapache2-mod-authnz-external: ignored (reached end-of-life)
lucid_libapache2-mod-authnz-external: released (3.2.4-2+squeeze1build0.10.04.1)
maverick_libapache2-mod-authnz-external: released (3.2.4-2+squeeze1build0.10.10.1)
natty_libapache2-mod-authnz-external: released (3.2.4-2+squeeze1build0.11.04.1)
devel_libapache2-mod-authnz-external: not-affected (3.2.4-2.1)