CVE-2015-6817

Опубликовано: 23 мая 2017

Источник: debian

EPSS Низкий

Описание

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

Пакет	Статус	Версия исправления	Релиз	Тип
pgbouncer	fixed	1.6.1-1		package
pgbouncer	not-affected		jessie	package
pgbouncer	not-affected		wheezy	package
pgbouncer	not-affected		squeeze	package

http://web.archive.org/web/20150905195759/http://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
https://github.com/pgbouncer/pgbouncer/issues/69
https://www.openwall.com/lists/oss-security/2015/09/04/3

EPSS

Процентиль: 80%

0.01367

Низкий

CVE-2015-6817

CVSS3: 8.1

ubuntu

больше 8 лет назад

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

CVE-2015-6817

CVSS3: 8.1

nvd

больше 8 лет назад

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

GHSA-hrw5-48mv-4v6h

CVSS3: 8.1

github

больше 3 лет назад

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

EPSS

Процентиль: 80%

0.01367

Низкий