Lucene search
HistoryAug 07, 2003 - 4:00 a.m.
CVE-2003-0500
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
59.3%
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Affected configurations
Node
proftpd_projectproftpdMatch1.2.9_rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| proftpd_project | proftpd | 1.2.9_rc1 | cpe:2.3:a:proftpd_project:proftpd:1.2.9_rc1:*:*:*:*:*:*:* |
Related
osv
osv
proftpd - SQL injection
2003-06-29 00:00:00
nessus
nessus
Debian DSA-338-1 : proftpd - SQL injection
2004-09-29 00:00:00
cvelist
cvelist
CVE-2003-0500
2003-07-04 04:00:00
openvas
openvas
Debian: Security Advisory (DSA-338)
2008-01-17 00:00:00
Debian Security Advisory DSA 338-1 (x-face-el)
2008-01-17 00:00:00
cve
cve
CVE-2003-0500
2003-08-07 04:00:00
exploitdb
exploitdb
ProFTPd 1.2.9 RC1 - 'mod_sql' SQL Injection
2003-06-19 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
8.4
Confidence
Low
EPSS
0.002
Percentile
59.3%
Related for NVD:CVE-2003-0500