September 11, 2001

SuSE Linux apache-contrib problems

Author: JT Smith

Posted at Help Net Security: "he Apache module mod_auth_mysql 1.4,which is shipped since SuSE Linux 7.1,
was found vulnerable to possible bypass authentication by MySQL command
injection.
An adversary could insert MySQL commands along with a password and these
commands will be interpreted by MySQL while mod_auth_mysql is doing the
password lookup in the database. A positive authentication could be returned."

Category:

  • Linux
Click Here!