Pgbouncer 1.6 Invalid User Authentication Bypass

High Nessus Plugin ID 93006


The remote database connection pooler is affected by an authentication bypass vulnerability.


The version of Pgbouncer running on the remote host is affected by an authentication bypass vulnerability due to a flaw in the start_auth_request() function within file client.c when handling requests for invalid users. A remote attacker can exploit this issue to bypass authentication and log into PostgreSQL via Pgbouncer using a random user name.


Upgrade to Pgbouncer version 1.6.1 or later. Alternatively, disable 'auth_user' in the Pgbouncer configuration.

See Also

Plugin Details

Severity: High

ID: 93006

File Name: pgbouncer_1_6_auth_bypass.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2016/08/17

Modified: 2016/08/18

Dependencies: 93007

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: x-cpe:/a:pgbouncer:pgbouncer

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/09/03

Vulnerability Publication Date: 2015/08/27

Reference Information

CVE: CVE-2015-6817

OSVDB: 127284