CVE-2007-3567 | Vulnerability Database | Aqua Security

MySQLDumper 1.21b through 1.23 REV227 uses a Limit GET statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.

Affected Software

Name	Vendor	Start Version	End Version
Mysqldumper	Mysqldumper	1.21 (including)	1.21 (including)
Mysqldumper	Mysqldumper	1.22 (including)	1.22 (including)
Mysqldumper	Mysqldumper	1.23 (including)	1.23 (including)
Mysqldumper	Mysqldumper	typo3-extension_0.0.5 (including)	typo3-extension_0.0.5 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2007-08/0052.html
http://osvdb.org/42460
http://securityreason.com/securityalert/2859
http://www.securityfocus.com/archive/1/472756/100/0/threaded
http://www.securityfocus.com/bid/24759
https://exchange.xforce.ibmcloud.com/vulnerabilities/35291
http://archives.neohapsis.com/archives/bugtraq/2007-08/0052.html
http://osvdb.org/42460
http://securityreason.com/securityalert/2859
http://www.securityfocus.com/archive/1/472756/100/0/threaded
http://www.securityfocus.com/bid/24759
https://exchange.xforce.ibmcloud.com/vulnerabilities/35291

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3567
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html