Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2000-1199

Published: 31/08/2001 Updated: 19/12/2017
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Postgresql

Vulnerability Summary

PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.

Vulnerable Product Search on Vulmon Subscribe to Product

postgresql postgresql 6.3.2

postgresql postgresql 6.5.3

Exploits

Exploit DB: PostgreSQL 6.3.2/6.5.3 - Cleartext Passwords
source: wwwsecurityfocuscom/bid/1139/info PostgreSQL is a free RDBMS that is released under a Berkeley style license PostgreSQL stores passwords for database users in a binary file called pg_shadow This file is readable by root and the postgres user Unfortunately, these passwords are stored in cleartext form and can be obtained if a us ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/1139http://marc.info/?l=bugtraq&m=95659987018649&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/4364https://nvd.nist.govhttps://www.exploit-db.com/exploits/19875/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook