Back to search
CVE-2015-6817
Published: May 23, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
GLSA-201701-24
vendor-advisory
x_refsource_GENTOO
https://pgbouncer.github.io/2015/09/pgbouncer-1-6-1
x_refsource_CONFIRM
[oss-security] 20150905 Re: CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user
mailing-list
x_refsource_MLIST
https://github.com/pgbouncer/pgbouncer/issues/69
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now