This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201110-23
(Apache mod_authnz_external: SQL injection)
mysql/mysql-auth.pl in mod_authnz_external does not properly sanitize
input before using it in an SQL query.
A remote attacker could exploit this vulnerability to inject arbitrary
SQL statements by using a specially crafted username for HTTP
authentication on a site using mod_authnz_external.
There is no known workaround at this time.
See also :
All Apache mod_authnz_external users should upgrade to the latest
# emerge --sync
# emerge --ask --oneshot --verbose
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true