Debian: Security Advisory (DSA-469)
The remote host is missing an update for the Debian...
Update Protection against A Format String Vulnerability in mod_auth_pgsql for Apache
A vulnerability exists in multiple versions of mod_auth_pgsql, an authentication module for Apache httpd. To exploit this vulnerability, a user can supply specially crafted information to trigger a flaw in certain logging functions of the module. Successful exploitation could result in the execution...
CVE-2006-0410
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings...
Fedora Core 3 : mod_auth_pgsql-2.0.1-6.2 (2006-014)
Several format string flaws were found in the way mod_auth_pgsql logs information. It may be possible for a remote attacker to execute arbitrary code as the 'apache' user if mod_auth_pgsql is used for user authentication. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-365...
mod_auth_pgsql security update
CentOS Errata and Security Advisory CESA-2006:0164. Updated mod_auth_pgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The mod_auth_pgsql...
CVE-2005-3656
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allow remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username...
PostgreSQL database multiple vulnerabilities
DoS, buffer overflow in charset conversion functions...
PostgreSQL Database Server privilege escalation
By using the LOAD command, it is possible to load a dynamic library with server process privileges. Buffer overflow on a large number of cursor arguments. Protection bypass on function execution...
RHEL 3 : rh-postgresql (RHSA-2004:489)
Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...
[SECURITY] [DSA 229-1] New IMP packages fix SQL injection
Debian Security Advisory DSA 229-1, http://www.debian.org/security/, Martin Schulze, January 15th, 2003, http://www.debian.org/security/faq...
DSA-229 imp - SQL injection
Bulletin has no description...
RUS-CERT Advisory 2001-09:01
Vulnerabilities in PAM and NSS modules using a PostgreSQL database. While investigating the problem described in RUS-CERT Advisory 2001-08:01, it became evident that a few PAM and NSS modules which use PostgreSQL as a database backend are vulnerable to SQL code injection attacks, too. Systems...
PostgreSQL Default Unpassworded Account
It is possible to connect to the remote PostgreSQL database server using an unpassworded account. This may allow an attacker to launch further attacks against the database...