J-Security Center

Title: Pam-PGSQL Username Logging Remote Format String Vulnerability

Severity: CRITICAL

Description:

Leon J Breedt's 'pam-pgsql' is a PAM authentication module to be used with PostgreSQL.

pam-pgsql has been reported prone to a remote format string vulnerability.

It has been reported that a remote attacker may supply malicious format string specifiers as the username to a program that is requesting PAM authentication (HTTP, SSH, telnet, etc.). The username is later processed during logging procedures in pam-pgsql.

When the malicious username is logged, the format specifiers embedded in it may be interpreted literally by an erroneous implementation of a format function. An attacker may leverage this issue to corrupt arbitrary memory and potentially execute arbitrary instructions in the context of the program that is requesting PAM authentication.
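
The class of logging flaw described above, next to its fix, as an added C example (not pam-pgsql's code and not part of the original advisory). `log_msg` is a hypothetical stand-in for a syslog-style variadic logger, and the username is a constructed sample.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* On GCC/Clang, marking the logger printf-like lets -Wformat-security
 * flag any call whose format argument is not a string literal. */
#if defined(__GNUC__)
#define PRINTF_LIKE(f, a) __attribute__((format(printf, f, a)))
#else
#define PRINTF_LIKE(f, a)
#endif

/* Hypothetical log sink standing in for syslog(3): it formats into a
 * buffer so the resulting line can be inspected. */
static char last_log[256];
static void log_msg(const char *fmt, ...) PRINTF_LIKE(1, 2);

static void log_msg(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_log, sizeof last_log, fmt, ap);
    va_end(ap);
}

/* VULNERABLE pattern (shown only, never compiled or called here): the
 * remote username ends up inside the format string, so conversions in
 * it are evaluated against arguments that were never passed.
 *
 *     snprintf(msg, sizeof msg, "auth failed for user %s", user);
 *     log_msg(msg);        // msg is attacker-influenced format text
 */

/* HARDENED pattern: constant format string, username passed as data. */
const char *log_auth_failure(const char *user)
{
    log_msg("auth failed for user '%s'", user);
    return last_log;
}

int main(void)
{
    const char *user = "%x%x%n";   /* constructed sample username */
    printf("%s\n", log_auth_failure(user));
    return 0;
}
```

With the constant format string, the specifiers in the username reach the log as literal text and are never interpreted.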

Affected Products:

  • Debian Linux 3.0.0 alpha
  • Debian Linux 3.0.0 arm
  • Debian Linux 3.0.0 hppa
  • Debian Linux 3.0.0 ia-32
  • Debian Linux 3.0.0 ia-64
  • Debian Linux 3.0.0 m68k
  • Debian Linux 3.0.0 mips
  • Debian Linux 3.0.0 mipsel
  • Debian Linux 3.0.0 ppc
  • Debian Linux 3.0.0 s/390
  • Debian Linux 3.0.0 sparc
  • Leon J Breedt pam-pgsql 0.5.1
  • Leon J Breedt pam-pgsql 0.5.2
