Format String Vulnerability in pam-pgsql by Debian
CVE-2003-0672

Currently unrated

Key Information:

Vendor: Leon J Breedt
Status: Pam-pgsql
Vendor: CVE Published:; 27 August 2003

🔔 Create Leon J Breedt Vulnerability Alert

What is CVE-2003-0672?

The pam-pgsql module for Debian contains a format string vulnerability that could allow remote attackers to execute arbitrary code under certain circumstances. This vulnerability arises when the username provided during authentication is improperly handled while logging the message, potentially leading to unauthorized access and system compromise. Proper validation and sanitization mechanisms should be implemented to mitigate this risk.

References

http://www.debian.org/security/2003/dsa-370

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 27, 2003

CVE-2003-0672 Data

JSON