Family: Debian Local Security Checks --> Category: infos
[DSA469] DSA-469-1 pam-pgsql Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Primoz Bratanic discovered a bug in libpam-pgsql, a PAM module to
authenticate using a PostgreSQL database. The library does not escape
all user-supplied data that are sent to the database. A possible hacker
could exploit this bug to insert SQL statements.
For the stable distribution (woody) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your libpam-pgsql package.
Solution : http://www.debian.org/security/2004/dsa-469
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.