PT-2000-1868 · Mysql Server · Pam-Mysql

Published

2000-12-19

Updated

2017-10-10

CVE-2000-0957

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions pam mysql versions prior to 0.4.7

Description The issue concerns the pluggable authentication module for mysql (pam mysql) and its failure to properly cleanse user input when constructing SQL statements. This allows attackers to obtain plaintext passwords or hashes.

Recommendations For versions prior to 0.4.7, update to version 0.4.7 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0957

Affected Products

Pam-Mysql

PT-2000-1868 · Mysql Server · Pam-Mysql

CVE-2000-0957

Related Identifiers

Affected Products

References · 3