VYPR

Mod Auth Pgsql

by Guiseppe Tanzilli And Matthias Eckermann

CVEs (2)

  • CVE-2005-3656Dec 31, 2005
    risk 0.01cvss epss 0.09

    Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.

  • CVE-2001-1379Aug 29, 2001
    risk 0.00cvss epss 0.02

    The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.