CVE-2005-4713

Name of the Vulnerable Software and Affected Versions PAM-MySQL versions 0.6.x through 0.6.1 PAM-MySQL versions 0.7.x through 0.7pre2

Description The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault. This is likely related to the pam mysql sql log function, possibly when used in conjunction with vsftpd, due to the absence of the IP address argument in an sprintf call.

Recommendations For PAM-MySQL versions 0.6.x through 0.6.1, update to version 0.6.2 or later. For PAM-MySQL versions 0.7.x through 0.7pre2, update to version 0.7pre3 or later.