The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.

...

PT-2012-5484 · Pgbouncer · Pgbouncer

Name of the Vulnerable Software and Affected Versions: pgbouncer version 1.5.2 Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon outage. This is achieved by sending a request with a long database name to the add database function in objects.c...