Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0040

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0040
Last Modified 05 Sep 2008 04:33:18
Published 19 Feb 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0040

Summary

SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.

Vulnerable Systems

Application

  • Double Precision Incorporated Courier Mta 0.37.3

  • Inter7 Courier-imap 1.6


References

BID - 6738

DEBIAN - DSA-247

XF - courierimap-authmysqllib-sql-injection(11213)


Last Updated: 27 May 2016 10:37:45