Lucene search
MitreCVE-2003-0500HistoryAug 07, 2003 - 4:00 a.m.
CVE-2003-0500
2003-08-0704:00:00
mitre
web.nvd.nist.gov
33
cve-2003-0500
sql injection
postgresql
proftpd
authentication
remote attackers
arbitrary sql
privilege escalation
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
59.3%
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Affected configurations
Node
proftpd_projectproftpdMatch1.2.9_rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| proftpd_project | proftpd | 1.2.9_rc1 | cpe:2.3:a:proftpd_project:proftpd:1.2.9_rc1:*:*:*:*:*:*:* |
Related
osv
osv
proftpd - SQL injection
2003-06-29 00:00:00
nessus
nessus
Debian DSA-338-1 : proftpd - SQL injection
2004-09-29 00:00:00
cvelist
cvelist
CVE-2003-0500
2003-07-04 04:00:00
openvas
openvas
Debian: Security Advisory (DSA-338)
2008-01-17 00:00:00
Debian Security Advisory DSA 338-1 (x-face-el)
2008-01-17 00:00:00
nvd
nvd
CVE-2003-0500
2003-08-07 04:00:00
exploitdb
exploitdb
ProFTPd 1.2.9 RC1 - 'mod_sql' SQL Injection
2003-06-19 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
59.3%
Related for CVE-2003-0500