Processing commands for [EMAIL PROTECTED]:
severity 307796 normal
Bug#307796: xtradius: sql injection in authmysql
Severity set to `normal'.
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator
(administrator, Debian Bugs
severity 307796 normal
thanks
Package: xtradius
Severity: grave
Tags: security
Justification: user security hole
There is no user input verification whatsoever. In
/contrib/authmysql/authmysql.c username supplied by user is fed directly
to database.
Er, unless I'm missing something,
Package: xtradius
Severity: grave
Tags: security
Justification: user security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
There is no user input verification whatsoever. In
/contrib/authmysql/authmysql.c username
supplied by user is fed directly to database.
Primoz Bratanic
- --
3 matches
Mail list logo