pam-pgsql format string bug

Format string bug in username...

[SECURITY] [DSA-370-1] New pam-pgsql packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 370-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 8th, 2003 http://www.debian.org/security/faq -...

DSA-370 pam-pgsql - format string

Bulletin has no description...

CVE-2001-1369

The CVE-2001-1369 issue affects pam-pgsql prior to 0.5.2. It allows remote attackers to bypass authentication or modify user records by injecting SQL into the user or password fields, thereby executing arbitrary SQL. Root cause is SQL injection in authentication-related input. The provided docume...

CVE-2001-1089

libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request...

CVE-2001-1089

Summary of CVE-2001-1089: The vulnerable component is libnss-pgsql in the nss-pgsql package (version 0.9.0 and earlier). The issue allows remote attackers to execute arbitrary SQL queries by injecting SQL code into an HTTP request, indicating a server-side input handling flaw that can affect conf...

FreeBSD-SA-02:14.pam-pgsql

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:14 Security Advisory FreeBSD, Inc. Topic: pam-pgsql port authentication bypass Category: ports Module: pam-pgsql Announced: 2002-03-12 Credits: Jacques A. Vidrine Affects...

CVE-2001-1369

Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields...

CVE-2001-1089

libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request...