CVE-2003-0040

EPSS 0.49%

courier-ssl - missing input sanitizing

發布日:2003/2/19修改日:2026/4/28

描述

SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.

受影響套件(2)

Debian/courierfrom 0, < 0.40.2-3
Debian/courierfrom 0, < 0.37.3-3.3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-0040