CVE-2014-2655
Publication date 2 April 2014
Last updated 24 July 2024
Ubuntu priority
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias.
Status
Package | Ubuntu Release | Status |
---|---|---|
postfixadmin | 13.10 saucy |
Fixed 2.3.5-2+deb7u1build0.13.10.1
|
12.10 quantal |
Fixed 2.3.5-2+deb7u1build0.12.10.1
|
|
12.04 LTS precise | Not in release | |
10.04 LTS lucid | Not in release |