Secunia Logo  


Secunia PSI WorldMap
 
CVE Reference: CVE-2005-1824
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2005-1824

Description:
The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.

CVE Status:
Candidate

References:

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200506-02.xml

CONFIRM
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031


Return to the previous page.