7.5 - MDVSA-2009:189-1

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2009:189-1	First vendor Publication	2009-12-28
Vendor	Mandriva	Last vendor Modification	2009-12-28
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been found and corrected in mod_auth_mysql:

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input (CVE-2008-2384).

This update provides fixes for this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:189-1

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-89	Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10172

Oval ID:	oval:org.mitre.oval:def:10172
Title:	SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input.
Description:	SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-2384	Version:	6
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND mod_auth_mysql is earlier than 1:3.0.0-3.2.el5_3

Definition Id: oval:org.mitre.oval:def:21794

Oval ID:	oval:org.mitre.oval:def:21794
Title:	ELSA-2009:0259: mod_auth_mysql security update (Moderate)
Description:	SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:0259-01 CVE-2008-2384	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	mod_auth_mysql
Definition Synopsis:
Oracle Linux 5.x AND mod_auth_mysql is earlier than 1:3.0.0-3.2.el5_3

Definition Id: oval:org.mitre.oval:def:22105

Oval ID:	oval:org.mitre.oval:def:22105
Title:	RHSA-2010:1002: mod_auth_mysql security update (Moderate)
Description:	SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:1002-01 CVE-2008-2384	Version:	4
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	mod_auth_mysql
Definition Synopsis:
mod_auth_mysql is earlier than 1:3.0.0-11.el6_0.1 AND The operating system installed on the system is Red Hat Enterprise Linux 6

Definition Id: oval:org.mitre.oval:def:23560

Oval ID:	oval:org.mitre.oval:def:23560
Title:	ELSA-2010:1002: mod_auth_mysql security update (Moderate)
Description:	SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:1002-01 CVE-2008-2384	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	mod_auth_mysql
Definition Synopsis:
mod_auth_mysql is earlier than 1:3.0.0-11.el6_0.1 AND Oracle Linux 6.x

Definition Id: oval:org.mitre.oval:def:27445

Oval ID:	oval:org.mitre.oval:def:27445
Title:	DEPRECATED: ELSA-2010-1002 -- mod_auth_mysql security update (moderate)
Description:	[1:3.0.0-11.1] - add security fix for CVE-2008-2384 (#663617)
Family:	unix	Class:	patch
Reference(s):	ELSA-2010-1002 CVE-2008-2384	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	mod_auth_mysql
Definition Synopsis:
Oracle Linux 6.x AND mod_auth_mysql is earlier than 0:3.0.0-11.el6_0.1

Definition Id: oval:org.mitre.oval:def:28850

Oval ID:	oval:org.mitre.oval:def:28850
Title:	RHSA-2009:0259 -- mod_auth_mysql security update (Moderate)
Description:	An updated mod_auth_mysql package to correct a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The mod_auth_mysql package includes an extension module for the Apache HTTP Server which can be used to implement web user authentication against a MySQL database.
Family:	unix	Class:	patch
Reference(s):	RHSA-2009:0259 CVE-2008-2384	Version:	3
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	mod_auth_mysql
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 AND mod_auth_mysql is earlier than 1:3.0.0-3.2.el5_3

CPE : Common Platform Enumeration

Type	Description	Count
Application	Joey Schulze Mod Auth Mysql cpe:2.3:a:joey_schulze:mod_auth_mysql::::::::	1

OpenVAS Exploits

Date	Description
2011-02-11	Name : Fedora Update for mod_auth_mysql FEDORA-2011-0100 File : nvt/gb_fedora_2011_0100_mod_auth_mysql_fc14.nasl
2011-02-11	Name : Fedora Update for mod_auth_mysql FEDORA-2011-0114 File : nvt/gb_fedora_2011_0114_mod_auth_mysql_fc13.nasl
2009-12-30	Name : Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql) File : nvt/mdksa_2009_189_1.nasl
2009-08-17	Name : Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql) File : nvt/mdksa_2009_189.nasl
2009-02-13	Name : RedHat Security Advisory RHSA-2009:0259 File : nvt/RHSA_2009_0259.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
51923	Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character...

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2009-0259.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2010-1002.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing a security update. File : sl_20090211_mod_auth_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing a security update. File : sl_20101221_mod_auth_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_auth_mysql-7683.nasl - Type : ACT_GATHER_INFO
2011-08-31	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_auth_mysql-7682.nasl - Type : ACT_GATHER_INFO
2011-02-22	Name : The remote host is running software that is vulnerable to a SQL injection att... File : mod_auth_mysql_bypass.nasl - Type : ACT_ATTACK
2011-02-11	Name : The remote Fedora host is missing a security update. File : fedora_2011-0100.nasl - Type : ACT_GATHER_INFO
2011-02-11	Name : The remote Fedora host is missing a security update. File : fedora_2011-0114.nasl - Type : ACT_GATHER_INFO
2010-12-22	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-1002.nasl - Type : ACT_GATHER_INFO
2009-08-03	Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2009-189.nasl - Type : ACT_GATHER_INFO
2009-02-12	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-0259.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:40:30	Multiple Updates
2013-05-11 00:47:33	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	6
CPE ID(s)	1
osvdb(s)	1
Openvas Exploit(s)	5
Nessus® Exploit(s)	12

	Related
7.5	MDVSA-2009:189
7.5	CVE-2008-2384
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)