The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote malicious users to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
guiseppe tanzilli and matthias eckermann mod auth pgsql 0.9.5 |
||
guiseppe tanzilli and matthias eckermann mod auth pgsql 0.9.6 |