Description

The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.

Remediation

References

CVE-2009-3231

Related Vulnerabilities

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (3.9.2)

WordPress Plugin Qyrr-simply and modern QR-Code creation Cross-Site Scripting (0.6)

Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.18)

WordPress Plugin Simple add pages or posts Cross-Site Request Forgery (1.6)

Joomla Improper Authentication Vulnerability (CVE-2014-6632)

Severity

Medium

Classification

CVE-2009-3231 CWE-287

Tags

Missing Update Known Vulnerabilities