MidnightBSD

Advisories for mod_authnz_external_project

CVE-2011-2688 HIGH

SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
debian debian_linux 5.0
debian debian_linux 7.0
debian debian_linux 6.0
mod_authnz_external_project mod_authnz_external *