CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message...

Debian Security Advisory DSA 370-1 (pam-pgsql)

The remote host is missing an update to pam-pgsql announced via advisory DSA 370-1. OpenVAS Vulnerability Test $Id: deb3701.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 370-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message...

CVE-2003-0672

CVE-2003-0672 describes a format-string vulnerability in pam-pgsql 0.5.2 and earlier, where the username supplied during authentication is treated as a format string when writing logs. This can allow remote attackers to execute arbitrary code with the privileges of the PAM-authenticating process....

CVE-2003-0672

Removed by vendor...