CVE Vulnerabilities

CVE-2005-4713

Published: Dec 31, 2005 | Modified: Mar 08, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.

Affected Software

Name Vendor Start Version End Version
Pam_mysql Pam_mysql 0.7_pre1 0.7_pre1
Pam_mysql Pam_mysql 0.5 0.5
Pam_mysql Pam_mysql 0.4.7 0.4.7
Pam_mysql Pam_mysql 0.1 0.1
Pam_mysql Pam_mysql 0.6 0.6
Pam_mysql Pam_mysql 0.7_pre2 0.7_pre2
Pam_mysql Pam_mysql 0.4 0.4
Pam_mysql Pam_mysql 0.3 0.3
Pam_mysql Pam_mysql 0.2 0.2

References