CVE-2009-3231
published 2009-09-17CVE-2009-3231: The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| opensuse | opensuse | 10.3 – 11.1 | — |
| postgresql | postgresql | >= 8.2 < 8.2.14 | 8.2.14 |
| postgresql | postgresql | >= 8.3 < 8.3.8 | 8.3.8 |
| suse | linux_enterprise | — | — |
| suse | linux_enterprise | — | — |
| suse | linux_enterprise_server | — | — |