SQL Injection Vulnerability in pam_mysql Plugin for MySQL Authentication

SQL Injection Vulnerability in pam_mysql Plugin for MySQL Authentication

CVE-2000-0957 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.