First published: Fri Mar 14 2014(Updated: )
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Lighttpd Lighttpd | <1.4.35 | |
Debian Debian Linux | =6.0 | |
Debian Debian Linux | =7.0 | |
Debian Debian Linux | =8.0 | |
openSUSE openSUSE | =11.4 | |
openSUSE openSUSE | =12.3 | |
openSUSE openSUSE | =13.1 | |
Suse Linux Enterprise High Availability Extension | =11-sp3 | |
SUSE Linux Enterprise Software Development Kit | =11-sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.