Leon J Breedt: >> Pam-Pgsql Security Vulnerabilities
Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.
CVSS Score
7.5
EPSS Score
0.019
Published
2003-08-27
Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypass authentication or modify user account records by injecting SQL statements into user or password fields.
CVSS Score
7.5
EPSS Score
0.005
Published
2001-09-10