Vulnerabilities > CVE-2000-1199 - Unspecified vulnerability in Postgresql 6.3.2/6.5.3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
postgresql
exploit available
NVD
Published: 2001-08-31
Updated: 2017-12-19

Summary

PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.

Vulnerable Configurations

Part Description Count
Application
Postgresql
2

Exploit-Db

descriptionPostgreSQL 6.3.2/6.5.3 Cleartext Passwords Vulnerability. CVE-2000-1199. Local exploit for immunix platform
idEDB-ID:19875
last seen2016-02-02
modified2000-04-23
published2000-04-23
reporterRobert van der Meulen
sourcehttps://www.exploit-db.com/download/19875/
titlePostgreSQL 6.3.2/6.5.3 Cleartext Passwords Vulnerability

Statements

contributorMark J Cox
lastmodified2007-03-14
organizationRed Hat
statementRed Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References