oss-sec mailing list archives
CVE id request: auth2db
From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Mon, 30 Mar 2009 21:11:33 +1100
Hi auth2db uses addslashes() to protect against SQL injections. This should be mysql_real_escape_string(), so it also works, if multibyte character encodings are used. Debian Bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521823 Could I please get a CVE id for this? Cheers Steffen
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: auth2db Steffen Joeris (Mar 30)