lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability

Bugtraq ID: 66153
Class: Input Validation Error
CVE: CVE-2014-2323
Remote: Yes
Local: No
Published: Mar 12 2014 12:00AM
Updated: Apr 13 2015 09:21PM
Credit: Jann Horn
Vulnerable: S.u.S.E. openSUSE 13.1
S.u.S.E. openSUSE 12.3
S.u.S.E. openSUSE 11.4
lighttpd lighttpd 1.4.32
lighttpd lighttpd 1.4.31
lighttpd lighttpd 1.4.30
lighttpd lighttpd 1.4.26
lighttpd lighttpd 1.4.25
lighttpd lighttpd 1.4.24
lighttpd lighttpd 1.4.23
lighttpd lighttpd 1.4.20
lighttpd lighttpd 1.4.19
lighttpd lighttpd 1.4.18
lighttpd lighttpd 1.4.17
lighttpd lighttpd 1.4.16
lighttpd lighttpd 1.4.15
lighttpd lighttpd 1.4.14
lighttpd lighttpd 1.4.13
lighttpd lighttpd 1.4.12
lighttpd lighttpd 1.4.11
lighttpd lighttpd 1.4.10
lighttpd lighttpd 1.4.9
lighttpd lighttpd 1.4.8
lighttpd lighttpd 1.4.7
lighttpd lighttpd 1.4.6
lighttpd lighttpd 1.4.5
lighttpd lighttpd 1.4.4
lighttpd lighttpd 1.4.1
lighttpd lighttpd 1.4
lighttpd lighttpd 1.3.10
lighttpd lighttpd 1.3.8
lighttpd lighttpd 1.3.7
lighttpd lighttpd 1.4.34
lighttpd lighttpd 1.4.33
IBM OS/400 V1R5M0
IBM OS/400 V1R4M0
HP vCAS 14.06 (RDA 8.1)
HP vCAS 0
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: lighttpd lighttpd 1.4.35
HP vCAS 14.10-38402


 

Privacy Statement
Copyright 2010, SecurityFocus