SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Database)  >   PostgreSQL Vendors:   postgresql.org
(Sun Issues Advisory) PostgreSQL Bugs Let Remote Authenticated Users Deny Service and Obtain Elevated Privileges
SecurityTracker Alert ID:  1019179
SecurityTracker URL:  http://securitytracker.com/id/1019179
CVE Reference:   CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601   (Links to External Site)
Date:  Jan 11 2008
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Vendor Confirmed:  Yes  
Version(s): prior to 7.3.21, 7.4.19, 8.0.15, 8.1.11, and 8.2.6
Description:   Several vulnerabilities were reported in PostgreSQL. A remote authenticated user can gain elevated privileges on the target database. A remote authenticated user can cause denial of service conditions.

A remote authenticated user can invoke certain index functions to gain elevated privileges [CVE-2007-6600]. The VACUUM and ANALYZE functions can be executed with superuser privileges. The SET ROLE and SET SESSION AUTHORIZATION functions can be accessed within index functions.

A remote authenticated user can submit SQL queries containing specially crafted regular expressions to cause the database to enter an infinite loop, consume excessive memory, or crash [CVE-2007-4772, CVE-2007-6067, CVE-2007-4769].

A remote authenticated user can invoke DBLink functions (combined with local trust or ident authentication) to gain superuser privileges [CVE-2007-3278, CVE-2007-6601].

Impact:   A remote authenticated user can gain elevated privileges on the target database.

A remote authenticated user can cause denial of service conditions on the target system.

Solution:   Sun is working on a fix.

The Sun advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

Vendor URL:  www.postgresql.org/about/news.905 (Links to External Site)
Cause:   Access control error, State error
Underlying OS:   UNIX (Solaris - SunOS)

Message History:   This archive entry is a follow-up to the message listed below.
Jan 7 2008 PostgreSQL Bugs Let Remote Authenticated Users Deny Service and Obtain Elevated Privileges



 Source Message Contents

Date:  Fri, 11 Jan 2008 00:09:03 -0500
Subject:  Multiple Security Vulnerabilities in PostgreSQL Shipped with Solaris 10 May Allow Elevation of Privileges or Denial of Service (DoS)



http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

CVE-2007-3278

CVE-2007-4769

CVE-2007-4772

CVE-2007-6067

CVE-2007-6600

CVE-2007-6601


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC