7.5
CVE-2001-1369
- EPSS 1.65%
- Veröffentlicht 10.09.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:08
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginLeon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Leon J Breedt ≫ Pam-pgsql Version0.5.1
Leon J Breedt ≫ Pam-pgsql Version0.5.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.65% | 0.734 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:14.pam-pgsql.asc
http://www.iss.net/security_center/static/7110.php
http://www.securityfocus.com/bid/3319