CVE-2011-2688
Published: 28 July 2011
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
Priority
Status
Package | Release | Status |
---|---|---|
libapache2-mod-authnz-external Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(3.2.4-2+squeeze1build0.10.04.1)
|
|
maverick |
Released
(3.2.4-2+squeeze1build0.10.10.1)
|
|
natty |
Released
(3.2.4-2+squeeze1build0.11.04.1)
|
|
upstream |
Released
(3.2.4-2.1)
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2279 |