---------------------------------------------------------------------- Secunia is pleased to announce the release of the annual Secunia report for 2008. Highlights from the 2008 report: * Vulnerability Research * Software Inspection Results * Secunia Research Highlights * Secunia Advisory Statistics Request the full 2008 Report here: http://secunia.com/advisories/try_vi/request_2008_report/ Stay Secure, Secunia ---------------------------------------------------------------------- TITLE: Debian update for auth2db SECUNIA ADVISORY ID: SA34488 VERIFY ADVISORY: http://secunia.com/advisories/34488/ DESCRIPTION: Debian has issued an update for auth2db. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks. Certain input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting specially crafted multibyte character encoded data. SOLUTION: Apply updated packages. -- Debian GNU/Linux 5.0 alias lenny -- Source archives: http://security.debian.org/pool/updates/main/a/auth2db/auth2db_0.2.5-2+dfsg-1+lenny1.dsc Size/MD5 checksum: 1124 6a583f694b1d8925e134c09aa093bbe2 http://security.debian.org/pool/updates/main/a/auth2db/auth2db_0.2.5-2+dfsg.orig.tar.gz Size/MD5 checksum: 1648457 30187f48d223c6eb43a4c4a050a210bf http://security.debian.org/pool/updates/main/a/auth2db/auth2db_0.2.5-2+dfsg-1+lenny1.diff.gz Size/MD5 checksum: 660051 22884e0a64958362dd10fb9d95cc605c Architecture independent packages: http://security.debian.org/pool/updates/main/a/auth2db/auth2db_0.2.5-2+dfsg-1+lenny1_all.deb Size/MD5 checksum: 29286 92513e873ad82b08553b96185d3619ea http://security.debian.org/pool/updates/main/a/auth2db/auth2db-filters_0.2.5-2+dfsg-1+lenny1_all.deb Size/MD5 checksum: 13970 897b87dfe350e656c05a944e7d2b1fc9 http://security.debian.org/pool/updates/main/a/auth2db/auth2db-common_0.2.5-2+dfsg-1+lenny1_all.deb Size/MD5 checksum: 648700 7421594af2889badd95f52fc11e600aa http://security.debian.org/pool/updates/main/a/auth2db/auth2db-frontend_0.2.5-2+dfsg-1+lenny1_all.deb Size/MD5 checksum: 566262 7753eb86bcb06358042702547008110e -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.2.5-2+dfsg-1.1. ORIGINAL ADVISORY: DSA-1757-1: http://lists.debian.org/debian-security-announce/2009/msg00067.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------