PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Debian Security Advisory 2449-1



newsbot
12.04.2012, 16:50
Debian Linux Security Advisory 2449-1 - It was discovered that sqlalchemy, an SQL toolkit and object relational mapper for python, is not sanitizing input passed to the limit/offset keywords to select() as well as the value passed to select.limit()/offset(). This allows an attacker to perform SQL injection attacks against applications using sqlalchemy that do not implement their own filtering.

Weiterlesen... (http://packetstormsecurity.org/files/111798/dsa-2449-1.txt)