Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:postgresql:postgresql:7.3.19:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-3278 |
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. Published: June 19, 2007; 5:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2002-1657 |
PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. Published: December 31, 2002; 12:00:00 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |