VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 7, 2008· Updated Apr 23, 2026

CVE-2008-2667

CVE-2008-2667

Description

SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.

Affected products

17
  • Courier Mta/Courtier Authlib17 versions
    cpe:2.3:a:courier-mta:courtier-authlib:0.52:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:courier-mta:courtier-authlib:0.52:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.53:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.54:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.55:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.56:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.57:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.58:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.59:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.59.1:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.59.2:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.59.3:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60.1:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60.2:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60.3:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60.4:*:*:*:*:*:*:*
    • cpe:2.3:a:courier-mta:courtier-authlib:0.60.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.