Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2523

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2523
Last Modified 08 Apr 2009 01:26:23
Published 03 Jun 2008 11:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2523

Summary

SQL injection vulnerability in the Autopatcher server plugin in RakNet before 3.23 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Systems

Application

  • Raknet Autopatcher Server 3.001

  • Raknet Autopatcher Server 3.004

  • Raknet Autopatcher Server 3.005

  • Raknet Autopatcher Server 3.007

  • Raknet Autopatcher Server 3.009

  • Raknet Autopatcher Server 3.01

  • Raknet Autopatcher Server 3.02

  • Raknet Autopatcher Server 3.03

  • Raknet Autopatcher Server 3.05

  • Raknet Autopatcher Server 3.06

  • Raknet Autopatcher Server 3.08

  • Raknet Autopatcher Server 3.1

  • Raknet Autopatcher Server 3.11

  • Raknet Autopatcher Server 3.2

  • Raknet Autopatcher Server 3.21

  • Raknet Autopatcher Server 3.22


References

XF - raknet-autopatcher-sql-injection(42352)

BID - 29178

CONFIRM - http://www.jenkinssoftware.com/raknet/forum/index.php?topic=1787.0

SECUNIA - 30200


Last Updated: 27 May 2016 10:47:54