MidnightBSD

Advisories for leon_j_breedt

CVE-2001-1369 HIGH

Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leon_j_breedt pam-pgsql 0.5.1
leon_j_breedt pam-pgsql 0.5.2
CVE-2003-0672 HIGH

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
leon_j_breedt pam-pgsql 0.5.1
leon_j_breedt pam-pgsql 0.5.2