CVE-2006-0522: SQL Injection
First published: Thu Feb 02 2006(Updated: )
SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Sygate Management Server | =4.0_mr_1_build_1104_english | |
| Symantec Sygate Management Server | =3.5_mr_3_build_894_english | |
| Symantec Sygate Management Server | =4.1_ga_build_1258_japanese | |
| Symantec Sygate Management Server | <=4.1_mr_2_build_1417_english | |
| Symantec Sygate Management Server | =4.1_mr1_build_1351_chinese |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securityresponse.symantec.com/avcenter/security/Content/2006.02.01.html
- http://securitytracker.com/id?1015561
- http://secunia.com/advisories/18689
- http://www.securityfocus.com/bid/16452
- http://www.osvdb.org/22883
- http://www.vupen.com/english/advisories/2006/0402
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24413
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/event
- agent/description
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec sygate management server
- version/symantec sygate management server/4.0_mr_1_build_1104_english
- version/symantec sygate management server/3.5_mr_3_build_894_english
- version/symantec sygate management server/4.1_ga_build_1258_japanese
- version/symantec sygate management server/4.1_mr_2_build_1417_english
- version/symantec sygate management server/4.1_mr1_build_1351_chinese