CVE-2011-2688

Name of the Vulnerable Software and Affected Versions mod authnz external module versions 3.2.5 and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands via the user field. This is related to a SQL injection vulnerability in the mysql/mysql-auth.pl script. The vulnerability affects the Apache HTTP Server. There are reports of threats including FinStealer and Rewardsteal, with victims in the education and financial industries, particularly in India.

Recommendations For mod authnz external module versions 3.2.5 and earlier, consider disabling the vulnerable mysql/mysql-auth.pl script until a patch is available. Restrict access to the user field in the affected module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.