← volver
CVE-2009-3231

CVE-2009-3231

EPSS 7.6%
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.htmlhttp://marc.info/?l=bugtraq&m=134124585221119&w=2https://bugzilla.redhat.com/show_bug.cgi?id=522084http://secunia.com/advisories/36660http://secunia.com/advisories/36727http://secunia.com/advisories/36800http://secunia.com/advisories/36837https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.htmlhttp://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012http://www.postgresql.org/docs/8.3/static/release-8-3-8.html