The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2000-10/0374.html | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/5447 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2000-12-19 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2000-0957
Mitre link : CVE-2000-0957
CVE.ORG link : CVE-2000-0957
JSON object : View
Products Affected
pam_mysql
- pam_mysql
CWE