Description

PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.

Remediation

References

CVE-2000-1199

Related Vulnerabilities

WordPress Plugin Contact Form 7 Redirect & Thank You Page Cross-Site Request Forgery (1.0.3)

Oracle JRE CVE-2013-0446 Vulnerability (CVE-2013-0446)

WordPress Plugin FileBird-WordPress Media Library Folders & File Manager SQL Injection (4.7.3)

WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3890)

Lighttpd Resource Management Errors Vulnerability (CVE-2012-5533)

Severity

Medium

Classification

CVE-2000-1199

Tags

Missing Update Known Vulnerabilities