Published: 09/08/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in Pike prior to 7.6.86, when using a Postgres database server, allows remote malicious users to execute arbitrary SQL commands via unspecified attack vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pike pike 0.5
pike pike 0.6
pike pike
pike pike 7.4
pike pike 7.4.327
pike pike 0.4_pl8
pike pike 7.4.328
pike pike 7.6
pike pike 7.6.36
pike pike 7.0
pike pike 7.2

An SQL injection was discovered in Pike’s PostgreSQL module Applications using a PostgreSQL database and uncommon character encodings could be fooled into running arbitrary SQL commands, which could result in privilege escalation within the application, application data exposure, or denial of service ...

NVD-CWE-Other http://pike.ida.liu.se/download/notes/7.6.86.xml http://security.gentoo.org/glsa/glsa-200608-10.xml http://www.securityfocus.com/bid/19367 http://secunia.com/advisories/20494 http://secunia.com/advisories/21362 http://www.ubuntu.com/usn/usn-367-1 http://secunia.com/advisories/22481 http://www.vupen.com/english/advisories/2006/2209 https://exchange.xforce.ibmcloud.com/vulnerabilities/26992 https://usn.ubuntu.com/367-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4041

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect