Libpam Pgsql
by Libpam Pgsql
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0191 | 0.00 | — | 0.02 | Jun 3, 2014 | libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password. | |||
| CVE-2008-2516 | 0.00 | — | 0.00 | Jun 3, 2008 | pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pam_get_pass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated… | |||
| CVE-2004-0366 | 0.00 | — | 0.01 | May 4, 2004 | SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements. |
- CVE-2013-0191Jun 3, 2014risk 0.00cvss —epss 0.02
libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password.
- CVE-2008-2516Jun 3, 2008risk 0.00cvss —epss 0.00
pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pam_get_pass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated…
- CVE-2004-0366May 4, 2004risk 0.00cvss —epss 0.01
SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements.