GreenSQL Firewall 0.9.x - WHERE Clause Security Bypass
| EKU-ID: 38065 | CVE: CVE-2008-6992;OSVDB-48910 | OSVDB-ID: |
| Author: Johannes Dahse | Published: 2009-09-02 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 38065 | CVE: CVE-2008-6992;OSVDB-48910 | OSVDB-ID: |
| Author: Johannes Dahse | Published: 2009-09-02 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/36209/info GreenSQL Firewall is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions. Successfully exploiting this issue may aid in SQL attacks on the underlying application. The following sample SQL expression is available: x=y=z