CVE-2005-3656
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-3656
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多家厂商mod_auth_pgsql格式串处理漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
mod_auth_pgsql apache模块允许对PostgreSQL数据库中存储的数据执行用户认证。 mod_auth_pgsql apache模块在处理日志记录时存在漏洞,远程攻击者可能利用此漏洞在主机上执行任意指令。 由于一个设计错误,mod_auth_pgsql模块中的多个日志函数将用户提供的值用作了格式指示符的输入,例如: ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, pg_errstr); 如果这部分错误消息中包含有格式串指示符,就会对其进行处理。例如
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-3656
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-3656
Please Login to view more intelligence information
- http://www.giuseppetanzilli.it/mod_auth_pgsql2/x_refsource_CONFIRM
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10600vdb-entrysignaturex_refsource_OVAL
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=367third-party-advisoryx_refsource_IDEFENSE
- https://nvd.nist.gov/vuln/detail/CVE-2005-3656
Same Patch Batch · n/a · 2006-01-06 · 29 CVEs total
| CVE-2005-4625 | 某些显示适配器的驱动拒绝服务攻击漏洞 | |
| CVE-2005-3654 | Blue Coat Systems WinProxy Telnet远程拒绝服务攻击漏洞 | |
| CVE-2006-0104 | TinyPHPForum多个目录遍历漏洞 | |
| CVE-2006-0103 | TinyPHPForum 信息泄露漏洞 | |
| CVE-2006-0102 | TinyPHPForum 跨站脚本攻击漏洞 | |
| CVE-2006-0101 | sBLOG 0.7.1 多个跨站脚本攻击漏洞 | |
| CVE-2006-0100 | NicoFTP 缓冲区溢出漏洞 | |
| CVE-2006-0099 | Valdersoft Shopping Cart远程文件包含漏洞 | |
| CVE-2006-0098 | OpenBSD DEV/FD任意文件访问漏洞 | |
| CVE-2006-0097 | PHP MySQL_Connect远程溢出漏洞 | |
| CVE-2006-0096 | Linux Kernel SDLA IOCTL未经授权的本地固件访问漏洞 | |
| CVE-2006-0095 | Linux Kernel DM-Crypt本地信息泄露漏洞 | |
| CVE-2005-4627 | GMailSite跨站脚本攻击漏洞 | |
| CVE-2005-4626 | Recruitment Software 访问控制漏洞 | |
| CVE-2005-3357 | Apache Mod_SSL可定制错误文档拒绝服务漏洞 | |
| CVE-2005-4624 | PTnet IRCD远程拒绝服务漏洞 | |
| CVE-2005-4623 | EFileGo多个输入验证漏洞 | |
| CVE-2005-4622 | EFileGo目录遍历漏洞 | |
| CVE-2005-4621 | VBulletin Profile.PHP跨站脚本攻击漏洞 | |
| CVE-2005-4620 | RARLAB WinRAR命令行处理溢出漏洞 |
Showing top 20 of 29 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2005-3656
No comments yet