← voltar
CVE-2009-3231

CVE-2009-3231

EPSS 7.6%
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.htmlhttp://marc.info/?l=bugtraq&m=134124585221119&w=2https://bugzilla.redhat.com/show_bug.cgi?id=522084http://secunia.com/advisories/36660http://secunia.com/advisories/36727http://secunia.com/advisories/36800http://secunia.com/advisories/36837https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.htmlhttp://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012http://www.postgresql.org/docs/8.3/static/release-8-3-8.html