VuXML ID | Description |
e050119b-3856-11df-b2b2-002170daae37 | postgresql -- bitsubstr overflow
BugTraq reports:
PostgreSQL is prone to a buffer-overflow
vulnerability because the application fails to
perform adequate boundary checks on user-supplied
data.
Attackers can exploit this issue to execute
arbitrary code with elevated privileges or
crash the affected application.
Discovery 2010-01-27 Entry 2010-03-25 postgresql-server
ge 7.4 lt 7.4.28
ge 8.0 lt 8.0.24
ge 8.1 lt 8.1.20
ge 8.2 lt 8.2.16
ge 8.3 lt 8.3.10
ge 8.4 lt 8.4.3
37973
CVE-2010-0442
|
e7bc5600-eaa0-11de-bd9c-00215c6a37bb | postgresql -- multiple vulnerabilities
PostgreSQL project reports:
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23,
8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9,
and 8.4.x before 8.4.2 does not properly handle a '\0' character
in a domain name in the subject's Common Name (CN) field of an
X.509 certificate, which (1) allows man-in-the-middle attackers
to spoof arbitrary SSL-based PostgreSQL servers via a crafted
server certificate issued by a legitimate Certification Authority,
and (2) allows remote attackers to bypass intended client-hostname
restrictions via a crafted client certificate issued by a legitimate
Certification Authority, a related issue to CVE-2009-2408.
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23,
8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9,
and 8.4.x before 8.4.2 does not properly manage session-local
state during execution of an index function by a database
superuser, which allows remote authenticated users to gain
privileges via a table with crafted index functions, as
demonstrated by functions that modify (1) search_path or
(2) a prepared statement, a related issue to CVE-2007-6600
and CVE-2009-3230.
Discovery 2009-11-20 Entry 2009-12-17 postgresql-client
postgresql-server
ge 7.4 lt 7.4.27
ge 8.0 lt 8.0.23
ge 8.1 lt 8.1.19
ge 8.2 lt 8.2.15
ge 8.3 lt 8.3.9
ge 8.4 lt 8.4.2
CVE-2009-4034
CVE-2009-4136
|
51436b4c-1250-11dd-bab7-0016179b2dd5 | postgresql -- multiple vulnerabilities
The PostgreSQL developers report:
PostgreSQL allows users to create indexes on the results of
user-defined functions, known as "expression indexes". This provided
two vulnerabilities to privilege escalation: (1) index functions
were executed as the superuser and not the table owner during VACUUM
and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION
were permitted within index functions. Both of these holes have now
been closed.
PostgreSQL allowed malicious users to initiate a denial-of-service
by passing certain regular expressions in SQL queries. First, users
could create infinite loops using some specific regular expressions.
Second, certain complex regular expressions could consume excessive
amounts of memory. Third, out-of-range backref numbers could be used
to crash the backend.
DBLink functions combined with local trust or ident authentication
could be used by a malicious user to gain superuser privileges. This
issue has been fixed, and does not affect users who have not
installed DBLink (an optional module), or who are using password
authentication for local access. This same problem was addressed in
the previous release cycle, but that patch failed to close all forms
of the loophole.
Discovery 2008-01-06 Entry 2008-04-24 postgresql
postgresql-server
ge 7.3 lt 7.3.21
ge 7.4 lt 7.4.19
ge 8.0 lt 8.0.15
ge 8.1 lt 8.1.11
ge 8.2 lt 8.2.6
CVE-2007-6600
CVE-2007-4772
CVE-2007-6067
CVE-2007-4769
CVE-2007-6601
27163
http://www.postgresql.org/about/news.905
|
42d42090-9a4d-11e3-b029-08002798f6ff | PostgreSQL -- multiple privilege issues
PostgreSQL Project reports:
This update fixes CVE-2014-0060, in which PostgreSQL did not
properly enforce the WITH ADMIN OPTION permission for ROLE management.
Before this fix, any member of a ROLE was able to grant others access
to the same ROLE regardless if the member was given the WITH ADMIN
OPTION permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.
With this release, we are also alerting users to a known security hole
that allows other users on the same machine to gain access to an
operating system account while it is doing "make check":
CVE-2014-0067. "Make check" is normally part of building PostgreSQL
from source code. As it is not possible to fix this issue without
causing significant issues to our testing infrastructure, a patch will
be released separately and publicly. Until then, users are strongly
advised not to run "make check" on machines where untrusted users have
accounts.
Discovery 2014-02-20 Entry 2014-02-20 postgresql-server
< 8.4.20
ge 9.0.0 lt 9.0.16
ge 9.1.0 lt 9.1.12
ge 9.2.0 lt 9.2.7
ge 9.3.0 lt 9.3.3
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
|