oval:org.mitre.oval:def:8347

Definition Id: oval:org.mitre.oval:def:8347

Oval ID:	oval:org.mitre.oval:def:8347
Title:	DSA-1688 courier-authlib -- SQL injection
Description:	Two SQL injection vulnerabilities have been found in courier-authlib, the courier authentification library. The MySQL database interface used insufficient escaping mechanisms when constructing SQL statements, leading to SQL injection vulnerabilities if certain charsets are used (CVE-2008-2380). A similar issue affects the PostgreSQL database interface (CVE-2008-2667).
Family:	unix	Class:	patch
Reference(s):	DSA-1688 CVE-2008-2380 CVE-2008-2667	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	courier-authlib
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Packages section courier-authlib-userdb is earlier than 0.58-4+etch2 AND courier-authdaemon is earlier than 0.58-4+etch2 AND courier-authlib-mysql is earlier than 0.58-4+etch2 AND courier-authlib-pipe is earlier than 0.58-4+etch2 AND courier-authlib-postgresql is earlier than 0.58-4+etch2 AND courier-authlib-ldap is earlier than 0.58-4+etch2 AND courier-authlib is earlier than 0.58-4+etch2 AND courier-authlib-dev is earlier than 0.58-4+etch2

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8347