FreeBSD Security Advisory FreeBSD-SA-02:03 - The mod_auth_pgsql port, versions prior to mod_auth_pgsql-0.9.9, contain a vulnerability that may allow a remote user to cause arbitrary SQL code to be execute. mod_auth_pgsql constructs a SQL statement to be executed by the PostgreSQL server in order to lookup user information. The username given by the remote user is inserted into the SQL statement without any quoting or other safety checks.
5f769d230b41592e415fa574769fd87226cc6e898a2af4b5608b7a041bbdb895