Pgbouncer 1.6 Invalid User Authentication Bypass
Severity: High
Nessus Plugin ID: 93006
Synopsis
The remote database connection pooler is affected by an authentication bypass vulnerability.
Description
The version of Pgbouncer running on the remote host is affected by an authentication bypass vulnerability due to a flaw in the start_auth_request() function in client.c, which mishandles connection requests for user names that Pgbouncer cannot resolve when 'auth_user' is configured. A remote attacker who can reach the Pgbouncer listener can exploit this issue to bypass authentication and log into PostgreSQL through Pgbouncer by presenting an arbitrary, non-existent user name.
Solution
Upgrade to Pgbouncer version 1.6.1 or later. As a workaround, disable 'auth_user' in the Pgbouncer configuration; note that this also disables the 'auth_query' lookup for users missing from 'auth_file', so every user that should be able to connect must then be listed in 'auth_file'.
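The following POSIX sh audit is an added example, not the Nessus plugin's own check or Pgbouncer project code. It reports a host as exposed only when both conditions the advisory describes hold: the reported version is below 1.6.1 and 'auth_user' is set to a non-empty value in the [pgbouncer] section of the ini file. The two ini files and the version strings are constructed inline so the script runs offline; on a real host, point it at /etc/pgbouncer/pgbouncer.ini and the version printed by `pgbouncer --version`. The version comparison deliberately follows the advisory's "1.6.1 or later" boundary rather than special-casing 1.6.0.

```shell
#!/bin/sh
# Added example: audit a PgBouncer host for the 1.6 auth_user bypass.
# Not Nessus plugin logic and not PgBouncer code; sample inputs are constructed.

# Print 1 if version string $1 ("major.minor[.patch]") is below 1.6.1, else 0.
pgb_version_below_fixed() {
    v=$1
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    rest2=${rest#*.}
    if [ "$rest2" = "$rest" ]; then
        patch=0                       # no patch component, e.g. "1.7"
    else
        patch=${rest2%%[!0-9]*}       # strip suffixes such as "-rc1"
        patch=${patch:-0}
    fi
    num=$((major * 10000 + minor * 100 + patch))
    if [ "$num" -lt 10601 ]; then echo 1; else echo 0; fi
}

# Print 1 if the ini file $1 has a non-empty auth_user in its [pgbouncer]
# section (commented lines and other sections are ignored), else 0.
pgb_auth_user_enabled() {
    awk '
        /^[ \t]*\[/ { in_pgb = ($0 ~ /^[ \t]*\[pgbouncer\][ \t]*$/); next }
        in_pgb && /^[ \t]*auth_user[ \t]*=/ {
            sub(/^[ \t]*auth_user[ \t]*=[ \t]*/, "")   # keep only the value
            sub(/[ \t]*[;#].*$/, "")                    # drop trailing comment
            if (length($0) > 0) found = 1
        }
        END { print found ? 1 : 0 }
    ' "$1"
}

# Combine both checks: "exposed" only when the vulnerable version runs with
# auth_user enabled; otherwise "not exposed".
pgb_audit() {
    if [ "$(pgb_version_below_fixed "$1")" = 1 ] &&
       [ "$(pgb_auth_user_enabled "$2")" = 1 ]; then
        echo exposed
    else
        echo "not exposed"
    fi
}

# Constructed sample configs (hypothetical paths and credentials).
PGB_VULN_INI=$(mktemp)
cat > "$PGB_VULN_INI" <<'EOF'
[databases]
app = host=127.0.0.1 port=5432 dbname=app

[pgbouncer]
listen_addr = 127.0.0.1
listen_port = 6432
auth_type = md5
auth_file = /etc/pgbouncer/userlist.txt
auth_user = pgbouncer   ; lookup account for auth_query
auth_query = SELECT usename, passwd FROM pg_shadow WHERE usename=$1
EOF

PGB_SAFE_INI=$(mktemp)
cat > "$PGB_SAFE_INI" <<'EOF'
[databases]
app = host=127.0.0.1 port=5432 dbname=app

[pgbouncer]
listen_addr = 127.0.0.1
listen_port = 6432
auth_type = md5
auth_file = /etc/pgbouncer/userlist.txt
; auth_user = pgbouncer   (workaround: auth_user disabled, all users in auth_file)
EOF

# Usage: pgb_audit "<version>" "<path to pgbouncer.ini>"
pgb_audit "1.6.0" "$PGB_VULN_INI"
pgb_audit "1.6.1" "$PGB_VULN_INI"
pgb_audit "1.6.0" "$PGB_SAFE_INI"
```

The awk pass scopes the search to the [pgbouncer] section so a stray `auth_user` key elsewhere in the file does not produce a false positive, and it treats a commented or empty setting as disabled, which matches the workaround in the Solution.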