PostgreSQL Procedural Language Hijacking Flaw Lets Remote Authenticated Users Gain Elevated Privileges
SecurityTracker Alert ID: 1024514
SecurityTracker URL: http://securitytracker.com/id/1024514
CVE Reference: CVE-2010-3433
Date: Oct 6 2010
Impact: User access via network
Fix Available: Yes
Vendor Confirmed: Yes

Description:
A vulnerability was reported in PostgreSQL. A remote authenticated user can gain elevated privileges on the target database.
A remote authenticated user who holds USAGE rights on a "trusted" procedural language can send specially crafted data that modifies the contents of procedural language functions (e.g., a SECURITY DEFINER function), thereby gaining the elevated privileges of that function's owner on the target database.
Systems that use the PL/perl or PL/tcl procedural languages together with SECURITY DEFINER functions are affected. Other PLs may be affected.
Tim Bunce reported this vulnerability.
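To see how exposed a given server is, an administrator needs two facts: which roles may use the trusted languages named above, and which SECURITY DEFINER functions are written in them. The following audit queries are an added example, not part of the SecurityTracker alert or the PostgreSQL project's advisory; they use only standard system-catalog columns (pg_language.lanpltrusted, pg_language.lanacl, pg_proc.prosecdef, pg_proc.prolang), and the role name in the final REVOKE is a hypothetical placeholder.

```sql
-- Added audit queries (not from the SecurityTracker alert or the PostgreSQL project).
-- Run as a superuser; the catalog columns used are standard in PostgreSQL 8.x/9.x.

-- 1. Which trusted procedural languages are installed, and who may use them?
--    A NULL lanacl means default privileges, which for a trusted language
--    grants USAGE to PUBLIC, i.e. every authenticated user.
SELECT l.lanname,
       l.lanpltrusted,
       COALESCE(l.lanacl::text, '(default: PUBLIC has USAGE)') AS acl
FROM pg_language l
WHERE l.lanpltrusted
ORDER BY l.lanname;

-- 2. Which SECURITY DEFINER functions run in PL/perl or PL/tcl, and who owns
--    them? These are the functions whose owner privileges an attacker with
--    language USAGE could inherit on an unpatched server.
SELECT n.nspname                  AS schema,
       p.proname                  AS function,
       l.lanname                  AS language,
       pg_get_userbyid(p.proowner) AS owner
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND l.lanname IN ('plperl', 'pltcl')
ORDER BY 1, 2;

-- 3. Until the patched release is installed, withhold USAGE on the affected
--    languages from roles that do not need it ("untrusted_role" is a placeholder).
REVOKE USAGE ON LANGUAGE plperl FROM untrusted_role;
REVOKE USAGE ON LANGUAGE pltcl  FROM untrusted_role;
```

If query 1 shows the default ACL on plperl or pltcl, every login role can use the language; if query 2 returns any row, the server has the combination the alert describes, and applying the vendor fix should be treated as urgent rather than routine.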

Impact:
A remote authenticated user can gain elevated privileges on the target database.

Solution:
The vendor has issued a fix.
The fix patches PL/Perl and PL/tcl. A patch for PL/PHP is pending.
The vendor's advisories are available at:
http://www.postgresql.org/about/news.1244
http://wiki.postgresql.org/wiki/20101005securityrelease

Vendor URL: www.postgresql.org/about/news.1244

Cause:
Access control error

Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)

Message History:
This archive entry has one or more follow-up message(s) listed below.

Source Message Contents

Date: Wed, 06 Oct 2010 17:18:13 +0000
Subject: PostgreSQL

http://wiki.postgresql.org/wiki/20101005securityrelease
CVE-2010-3433