Candidate: CVE-2009-3231
PublicDate: 2009-09-17 10:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3231
 https://ubuntu.com/security/notices/USN-834-1
Description:
 The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before
 8.2.14, when using LDAP authentication with anonymous binds, allows remote
 attackers to bypass authentication via an empty password.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to: pitti
CVSS: 

Patches_postgresql-8.3:
upstream_postgresql-8.3: released (8.3.8)
dapper_postgresql-8.3: DNE
hardy_postgresql-8.3: released (8.3.8-0ubuntu8.04)
intrepid_postgresql-8.3: released (8.3.8-0ubuntu8.10)
jaunty_postgresql-8.3: released (8.3.8-0ubuntu9.04)
devel_postgresql-8.3: not-affected (8.3.8-1)