exploitDog

CVE-2003-0500

Опубликовано: 07 авг. 2003

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005826.html
http://www.debian.org/security/2003/dsa-338
Patch
Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005826.html
http://www.debian.org/security/2003/dsa-338
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:proftpd_project:proftpd:1.2.9_rc1:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01558

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2003-0500

debian

около 22 лет назад

SQL injection vulnerability in the PostgreSQL authentication module (m ...

GHSA-wggx-8v47-w9m4

github

больше 3 лет назад

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.

EPSS

Процентиль: 81%

0.01558

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other