← Back to CVEs
CVE-2005-1824
N/ADescription
The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.
CVE Details
CVSS v3.1 ScoreN/A
Published6/2/2005
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0
Affected Products
gnu:mailutils
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031(cve@mitre.org)
http://www.gentoo.org/security/en/glsa/glsa-200506-02.xml(cve@mitre.org)
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031(af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200506-02.xml(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.