Description

PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.

Remediation

References

CVE-2000-1199

Related Vulnerabilities

Oracle Database Server CVE-2007-2118 Vulnerability (CVE-2007-2118)

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2010-2952)

WordPress Plugin TeraWallet-For WooCommerce Insecure Direct Object Reference (1.4.3)

Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3674)

Severity

Medium

Classification

CVE-2000-1199

Tags

Missing Update Known Vulnerabilities