CVE-2009-3231
Published: 17 September 2009
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
Priority
Status
Package | Release | Status |
---|---|---|
postgresql-8.3 Launchpad, Ubuntu, Debian |
upstream |
Released
(8.3.8)
|
dapper |
Does not exist
|
|
hardy |
Released
(8.3.8-0ubuntu8.04)
|
|
intrepid |
Released
(8.3.8-0ubuntu8.10)
|
|
jaunty |
Released
(8.3.8-0ubuntu9.04)
|