Security Advisory

CVE-2000-0957

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2001-01-22 05:00:00

Last updated 2024-08-08 05:37:31

Assigner mitre

State PUBLISHED

Description

The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.

← Browse all CVEs View on cve.org ↗