The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-09-17T10:00:00

Updated: 2024-08-07T06:22:23.182Z

Reserved: 2009-09-16T00:00:00

Link: CVE-2009-3231

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2009-09-17T10:30:01.233

Modified: 2024-02-13T17:41:48.773

Link: CVE-2009-3231

cve-icon Redhat

Severity : Important

Publid Date: 2009-09-09T00:00:00Z

Links: CVE-2009-3231 - Bugzilla