| Revision Date: | 2017-09-27 | Version: | 1 |
| Title: | CVE-2008-2384 |
| Description: |
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2008-2384
|
| Platform(s): | SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for x86
SLE SDK 10 SP4 for X86-64
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP4 for IPF
SUSE Linux Enterprise Server 10 SP4 for x86
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
| Product(s): | |
| Definition Synopsis |
| Release Information sles10-sp4 is installed
AND apache2-mod_auth_mysql less than 3.0.0-14.9.1
OR Package Information
sles10-sp3 is installed
OR sles10-sp3-sap is installed
OR sles10-sp3-sdk is installed
AND apache2-mod_auth_mysql less than 3.0.0-14.9.1
|