VYPR

Libpam Pgsql

by Libpam Pgsql

CVEs (3)

  • CVE-2013-0191Jun 3, 2014
    risk 0.00cvss epss 0.02

    libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password.

  • CVE-2008-2516Jun 3, 2008
    risk 0.00cvss epss 0.00

    pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pam_get_pass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated…

  • CVE-2004-0366May 4, 2004
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements.