Vulnerability Description
Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Leon J Breedt | Pam-Pgsql | 0.5.1 |
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc
- http://www.iss.net/security_center/static/7110.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/3319
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc
- http://www.iss.net/security_center/static/7110.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/3319
FAQ
What is CVE-2001-1369?
CVE-2001-1369 is a vulnerability with a CVSS score of 7.5 (HIGH). Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fi...
How severe is CVE-2001-1369?
CVE-2001-1369 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1369?
Check the references section above for vendor advisories and patch information. Affected products include: Leon J Breedt Pam-Pgsql.