FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e050119b-3856-11df-b2b2-002170daae37postgresql -- bitsubstr overflow

BugTraq reports:

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.


Discovery 2010-01-27
Entry 2010-03-25
postgresql-server
ge 7.4 lt 7.4.28

ge 8.0 lt 8.0.24

ge 8.1 lt 8.1.20

ge 8.2 lt 8.2.16

ge 8.3 lt 8.3.10

ge 8.4 lt 8.4.3

37973
CVE-2010-0442
51436b4c-1250-11dd-bab7-0016179b2dd5postgresql -- multiple vulnerabilities

The PostgreSQL developers report:

PostgreSQL allows users to create indexes on the results of user-defined functions, known as "expression indexes". This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Both of these holes have now been closed.

PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend.

DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle, but that patch failed to close all forms of the loophole.


Discovery 2008-01-06
Entry 2008-04-24
postgresql
postgresql-server
ge 7.3 lt 7.3.21

ge 7.4 lt 7.4.19

ge 8.0 lt 8.0.15

ge 8.1 lt 8.1.11

ge 8.2 lt 8.2.6

CVE-2007-6600
CVE-2007-4772
CVE-2007-6067
CVE-2007-4769
CVE-2007-6601
27163
http://www.postgresql.org/about/news.905
e050119b-3856-11df-b2b2-002170daae37postgresql -- bitsubstr overflow

BugTraq reports:

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.


Discovery 2010-01-27
Entry 2010-03-25
postgresql-server
ge 7.4 lt 7.4.28

ge 8.0 lt 8.0.24

ge 8.1 lt 8.1.20

ge 8.2 lt 8.2.16

ge 8.3 lt 8.3.10

ge 8.4 lt 8.4.3

37973
CVE-2010-0442
e7bc5600-eaa0-11de-bd9c-00215c6a37bbpostgresql -- multiple vulnerabilities

PostgreSQL project reports:

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.


Discovery 2009-11-20
Entry 2009-12-17
postgresql-client
postgresql-server
ge 7.4 lt 7.4.27

ge 8.0 lt 8.0.23

ge 8.1 lt 8.1.19

ge 8.2 lt 8.2.15

ge 8.3 lt 8.3.9

ge 8.4 lt 8.4.2

CVE-2009-4034
CVE-2009-4136
51436b4c-1250-11dd-bab7-0016179b2dd5postgresql -- multiple vulnerabilities

The PostgreSQL developers report:

PostgreSQL allows users to create indexes on the results of user-defined functions, known as "expression indexes". This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Both of these holes have now been closed.

PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend.

DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle, but that patch failed to close all forms of the loophole.


Discovery 2008-01-06
Entry 2008-04-24
postgresql
postgresql-server
ge 7.3 lt 7.3.21

ge 7.4 lt 7.4.19

ge 8.0 lt 8.0.15

ge 8.1 lt 8.1.11

ge 8.2 lt 8.2.6

CVE-2007-6600
CVE-2007-4772
CVE-2007-6067
CVE-2007-4769
CVE-2007-6601
27163
http://www.postgresql.org/about/news.905
e7bc5600-eaa0-11de-bd9c-00215c6a37bbpostgresql -- multiple vulnerabilities

PostgreSQL project reports:

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.


Discovery 2009-11-20
Entry 2009-12-17
postgresql-client
postgresql-server
ge 7.4 lt 7.4.27

ge 8.0 lt 8.0.23

ge 8.1 lt 8.1.19

ge 8.2 lt 8.2.15

ge 8.3 lt 8.3.9

ge 8.4 lt 8.4.2

CVE-2009-4034
CVE-2009-4136