CVE-2006-0522 Information

Description

SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL.

Reference

http://secunia.com/advisories/18689 http://securityresponse.symantec.com/avcenter/security/Content/2006.02.01.html http://securitytracker.com/id?1015561 http://www.osvdb.org/22883 http://www.securityfocus.com/bid/16452 http://www.vupen.com/english/advisories/2006/0402 https://exchange.xforce.ibmcloud.com/vulnerabilities/24413