mod_auth_mysql-3.0.0-3.2AXS3
エラータID: AXSA:2009-20:01
Release date:
Friday, February 27, 2009 - 21:14
Subject:
mod_auth_mysql-3.0.0-3.2AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
mod_auth_mysql can be used to limit access to documents served by a web server by checking data in a MySQL database.
Fixed bugs:
CVE-2008-2384
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input.
Solution:
Update packages.
CVEs:
CVE-2008-2384
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
Additional Info:
N/A
Download:
SRPMS
- mod_auth_mysql-3.0.0-3.2AXS3.src.rpm
MD5: 0097b2036077675fea7e9293c0dee4b5
SHA-256: aca74b18c8e3da0fad6afe2525ae05fe9a414f66fb2de3b80a0b06493d12a15d
Size: 28.96 kB
Asianux Server 3 for x86
- mod_auth_mysql-3.0.0-3.2AXS3.i386.rpm
MD5: 91e4b1b201fa59d8d7d96febdc1c5f10
SHA-256: 98f0b723398474210100a00cc605291aee6bb4b56aeabe2ba835eed21105c5c6
Size: 22.19 kB
Asianux Server 3 for x86_64
- mod_auth_mysql-3.0.0-3.2AXS3.x86_64.rpm
MD5: 985c3068d3b1cccf37a0253a61401a28
SHA-256: 8986c50a84802663828c9615d5867f22a4645e1f9af9f96b363c3cfa6a9907ff
Size: 22.04 kB
日本語