Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2001-1369

Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.

PublishedSep 10, 2001, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc
http://www.iss.net/security_center/static/7110.php
http://www.securityfocus.com/bid/3319

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

7.5

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)