Vulnerabilities > CVE-2000-1199 - Unspecified vulnerability in Postgresql 6.3.2/6.5.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN postgresql
exploit available
Summary
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | PostgreSQL 6.3.2/6.5.3 Cleartext Passwords Vulnerability. CVE-2000-1199. Local exploit for immunix platform |
id | EDB-ID:19875 |
last seen | 2016-02-02 |
modified | 2000-04-23 |
published | 2000-04-23 |
reporter | Robert van der Meulen |
source | https://www.exploit-db.com/download/19875/ |
title | PostgreSQL 6.3.2/6.5.3 Cleartext Passwords Vulnerability |
Statements
contributor | Mark J Cox |
lastmodified | 2007-03-14 |
organization | Red Hat |
statement | Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |