LDAP and MySQL Authentication Patch for Cyrus SASL 1.5.24 and 1.5.27 SQL Injection Vulnerability
CVE-2002-2043 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
Learn more about our Cis Benchmark Audit For Oracle Mysql.