返回 CVE 瀏覽器

CVE-2005-3656

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0510%

EPSS Percentile17.47th

Published2005年12月31日

Last Modified2026年4月16日

Vulnerability Description

Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.

Affected Platforms (CPE)

📦

Guiseppe Tanzilli And Matthias Eckermann

Mod Auth Pgsql

<= 2.0.3

📦

Guiseppe Tanzilli And Matthias Eckermann

Mod Auth Pgsql

= 0.9.5

📦

Guiseppe Tanzilli And Matthias Eckermann

Mod Auth Pgsql

= 0.9.6

References & Advisories

🔗 ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U

🔗 http://secunia.com/advisories/18304

🔗 http://secunia.com/advisories/18321

🔗 http://secunia.com/advisories/18347

🔗 http://secunia.com/advisories/18348

🔗 http://secunia.com/advisories/18350

🔗 http://secunia.com/advisories/18397

🔗 http://secunia.com/advisories/18403

相關漏洞威脅

CVE-2001-13797.5

The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...