{"id":"CVE-2005-1824","details":"The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the \"\\\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks.","modified":"2026-04-10T03:37:06.808897Z","published":"2005-06-02T04:00:00Z","references":[{"type":"ADVISORY","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031"},{"type":"FIX","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031"},{"type":"WEB","url":"http://www.gentoo.org/security/en/glsa/glsa-200506-02.xml"}],"schema_version":"1.7.5"}