CVE-2000-0957 Information

Description

The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements which allows attackers to obtain plaintext passwords or hashes.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-10/0374.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5447