PostgreSQL SET ROLE Validation Error Lets Remote Authenticated Users Obtain Elevated Privileges
|
SecurityTracker Alert ID: 1015636 |
SecurityTracker URL: http://securitytracker.com/id/1015636
|
CVE Reference: CVE-2006-0553
|
Date: Feb 15 2006
|
Impact:
Denial of service via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 8.1.0 - 8.1.2
|
Description:
A vulnerability was reported in PostgreSQL. A remote authenticated user can gain elevated privileges.
The software does not properly validate the SET ROLE command. A remote authenticated user can set their ROLE privileges to those of any other database user ID (such as the superuser ID).
If the server has been compiled with Asserts enabled (not the default setting), a user can invoke the SET SESSION AUTHORIZATION command to cause the server to crash. Versions 7.3 and later are affected. Akio Ishida reported this vulnerability.
|
Impact:
A remote authenticated user can gain elevated privileges.
A user can cause the server to crash.
|
Solution:
The vendor has issued a fixed version (8.1.3), available at:
http://www.postgresql.org/download
|
Vendor URL: archives.postgresql.org/pgsql-announce/2006-02/msg00008.php
|
Cause:
Access control error, Exception handling error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|