CVE-2013-5697

Name of the Vulnerable Software and Affected Versions Apache mod accounting module version 0.5 and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting a SQL injection vulnerability in the mod accounting.c file within the mod accounting module for Apache. The vulnerability can be triggered via a Host header.

Recommendations For Apache mod accounting module version 0.5 and earlier, consider updating to a version later than 0.5 to resolve the issue. As a temporary workaround, restrict access to the mod accounting module to minimize the risk of exploitation. Avoid using the Host header in a way that could trigger the SQL injection until the issue is resolved.