Primoz Bratanic

**Name of the Vulnerable Software and Affected Versions** mailutils SQL authentication module (affected versions not specified) **Description** The issue concerns the sql escape string function in auth/sql.c, which fails to properly quote the "" (backslash) character. This character is used as an escape character, making the module susceptible to SQL injection attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FreeRADIUS versions 1.0.2 and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands via specific configuration entries, including `group membership query`, `simul count query`, or `simul verify query`. This is due to a SQL injection vulnerability in the `radius xlat` function within the SQL module. Recommendations: For FreeRADIUS versions 1.0.2 and earlier, consider restricting access to the SQL module or disabling the `radius xlat` function as a temporary workaround until a patch is available. Avoid using the `group membership query`, `simul count query`, or `simul verify query` configuration entries in the affected API endpoints until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: FreeRADIUS versions 1.0.2 and earlier Description: A buffer overflow issue in the `sql escape func` function within the SQL module can be exploited by remote attackers to cause a denial of service, resulting in a crash. Recommendations: For FreeRADIUS versions 1.0.2 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.