CVE-2005-3656
Published: 31 December 2005
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.
Priority
Status
Package | Release | Status |
---|---|---|
libapache2-mod-auth-pgsql Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.3-2)
|
edgy |
Released
(2.0.3-2)
|
|
feisty |
Released
(2.0.3-2)
|
|
upstream |
Needs triage
|