oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE id request: auth2db

From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Mon, 30 Mar 2009 21:11:33 +1100
Hi

auth2db uses addslashes() to protect against SQL injections. This should be 
mysql_real_escape_string(), so it also works, if multibyte character 
encodings are used.

Debian Bug report:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521823

Could I please get a CVE id for this?

Cheers
Steffen

Attachment: signature.asc
Description: This is a digitally signed message part.

Previous By Date Next
Previous By Thread Next

Current thread: