Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1379

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1379
Last Modified 10 Sep 2008 03:10:24
Published 29 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1379

Summary

The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.

Vulnerable Systems

Application

  • Guiseppe Tanzilli And Matthias Eckermann Mod Auth Pgsql 0.9.5

  • Guiseppe Tanzilli And Matthias Eckermann Mod Auth Pgsql 0.9.6


References

XF - apache-postgresql-authentication-module(7054)

BUGTRAQ - 20010829 RUS-CERT Advisory 2001-08:01

REDHAT - RHSA-2001:124

VULNWATCH - 20010829 [VulnWatch] RUS-CERT Advisory 2001-08:01

FREEBSD - FreeBSD-SA-02:03

BID - 3251

CONECTIVA - CLA-2001:427


Last Updated: 27 May 2016 10:36:38