The pluggable authentication module for mysql (pam_mysql) prior to 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows malicious users to obtain plaintext passwords or hashes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pam mysql pam mysql 0.3 |
||
pam mysql pam mysql 0.4 |
||
pam mysql pam mysql 0.1 |
||
pam mysql pam mysql 0.2 |