SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
Software | From | Fixed in |
---|---|---|
courier-mta / courtier-authlib | 0.52 | 0.52.x |
courier-mta / courtier-authlib | 0.53 | 0.53.x |
courier-mta / courtier-authlib | 0.54 | 0.54.x |
courier-mta / courtier-authlib | 0.55 | 0.55.x |
courier-mta / courtier-authlib | 0.56 | 0.56.x |
courier-mta / courtier-authlib | 0.57 | 0.57.x |
courier-mta / courtier-authlib | 0.58 | 0.58.x |
courier-mta / courtier-authlib | 0.59 | 0.59.x |
courier-mta / courtier-authlib | 0.59.1 | 0.59.1.x |
courier-mta / courtier-authlib | 0.59.2 | 0.59.2.x |
courier-mta / courtier-authlib | 0.59.3 | 0.59.3.x |
courier-mta / courtier-authlib | 0.60 | 0.60.x |
courier-mta / courtier-authlib | 0.60.1 | 0.60.1.x |
courier-mta / courtier-authlib | 0.60.2 | 0.60.2.x |
courier-mta / courtier-authlib | 0.60.3 | 0.60.3.x |
courier-mta / courtier-authlib | 0.60.4 | 0.60.4.x |
courier-mta / courtier-authlib | 0.60.5 | 0.60.5.x |
courier-mta / courtier-authlib | 0.60.6 | 0.60.6.x |
courier-mta / courtier-authlib | 0.61.0 | 0.61.0.x |
courier-mta / courtier-authlib | 0.61.1 | 0.61.1.x |