Date: Sat,  5 Sep 2015 12:39:39 -0400 (EDT)
From: cve-assign@...re.org
To: carnil@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: PgBouncer: failed auth_query lookup leads to connection as auth_user

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
> https://github.com/pgbouncer/pgbouncer/issues/69
> https://github.com/pgbouncer/pgbouncer/commit/7ca3e5279d05fceb1e8a043c6f5b6f58dea3ed38

> http://comments.gmane.org/gmane.comp.db.postgresql.pgbouncer.general/1251
> 
> auth_user is already set (to the config 
> auth_user value). Thus, getting no rows back from the auth_query lets one 
> log in as the powerful auth_user user

> The real bug was assigning db->auth_user to client->auth_user in the
> first place.

Use CVE-2015-6817.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
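The failure mode described in the quoted report, as an added illustration (not PgBouncer's source and not code from the requester or MITRE): a simplified model of an auth_query lookup in which the session identity is pre-seeded from the configured auth_user, beside a version that fails closed. An in-memory dict stands in for the PostgreSQL query, the password handling is reduced to a plain comparison, and every name (AUTH_TABLE, Client, login_vulnerable, login_fixed) is hypothetical.

```python
"""Model of a pooler's auth_query lookup, showing the CVE-2015-6817 pattern.

Added, simplified illustration; not PgBouncer's code. An in-memory dict
stands in for the PostgreSQL auth_query, and all names are hypothetical.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample data. AUTH_USER is the privileged account the pooler
# itself uses to run auth_query; the dict is the table that query reads.
AUTH_USER = "pgbouncer"
AUTH_TABLE = {
    "pgbouncer": "pooler-secret",
    "alice": "alice-pw",
}


def auth_query(username: str) -> List[Tuple[str, str]]:
    """Stand-in for SELECT usename, passwd FROM ... WHERE usename = $1."""
    pw = AUTH_TABLE.get(username)
    return [(username, pw)] if pw is not None else []


@dataclass
class Client:
    username: str                    # name supplied in the startup packet
    password: str                    # password supplied by the client
    auth_user: Optional[str] = None  # identity the session will run as


def login_vulnerable(client: Client, db_auth_user: str) -> Optional[str]:
    """Pre-seeds client.auth_user from the config, as the report describes.

    Returns the identity the session is bound to, or None if refused.
    """
    client.auth_user = db_auth_user          # the bug: privileged default
    rows = auth_query(client.username)
    if rows:
        name, stored_pw = rows[0]
        if client.password != stored_pw:
            return None
        client.auth_user = name
    # No rows: nothing overwrote the pre-seeded value, so the session
    # proceeds as db_auth_user. (Modelled: no password check runs here.)
    return client.auth_user


def login_fixed(client: Client, db_auth_user: str) -> Optional[str]:
    """Fail closed: the identity is set only from a matching auth_query row."""
    client.auth_user = None                  # nothing to fall back to
    rows = auth_query(client.username)
    if not rows:
        return None                          # unknown user: refuse
    name, stored_pw = rows[0]
    if client.password != stored_pw:
        return None
    client.auth_user = name
    return client.auth_user


if __name__ == "__main__":
    for fn in (login_vulnerable, login_fixed):
        for user, pw in (("alice", "alice-pw"), ("mallory", "anything")):
            c = Client(username=user, password=pw)
            print(f"{fn.__name__:16s} {user:8s} -> {fn(c, AUTH_USER)}")
```

The point to take from the model is the ordering: an unknown username produces an empty result set, and in the vulnerable path the only thing that distinguishes "lookup failed" from "lookup succeeded as auth_user" is whether the assignment was overwritten. Starting from no identity and refusing on an empty result removes that ambiguity.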
