CVE-2009-3229

Executive Summary

Informations
Name	CVE-2009-3229	First vendor Publication	2009-09-17
Vendor	Cve	Last vendor Modification	2010-03-26

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score	4	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	8	Authentification	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3229

CPE : Common Platform Enumeration

Type	Description	Count
Application	Postgresql Postgresql cpe:/a:postgresql:postgresql:8.4 cpe:/a:postgresql:postgresql:8.3.7 cpe:/a:postgresql:postgresql:8.3.6 cpe:/a:postgresql:postgresql:8.3.5 cpe:/a:postgresql:postgresql:8.3.4 cpe:/a:postgresql:postgresql:8.3.3 cpe:/a:postgresql:postgresql:8.3.2 cpe:/a:postgresql:postgresql:8.3.1 cpe:/a:postgresql:postgresql:8.3 cpe:/a:postgresql:postgresql:8.2.9 cpe:/a:postgresql:postgresql:8.2.8 cpe:/a:postgresql:postgresql:8.2.7 cpe:/a:postgresql:postgresql:8.2.6 cpe:/a:postgresql:postgresql:8.2.5 cpe:/a:postgresql:postgresql:8.2.4 cpe:/a:postgresql:postgresql:8.2.3 cpe:/a:postgresql:postgresql:8.2.2 cpe:/a:postgresql:postgresql:8.2.13 cpe:/a:postgresql:postgresql:8.2.12 cpe:/a:postgresql:postgresql:8.2.11 cpe:/a:postgresql:postgresql:8.2.10 cpe:/a:postgresql:postgresql:8.2.1 cpe:/a:postgresql:postgresql:8.2	23

Open Source Vulnerability Database (OSVDB)

id	Description
57918	PostgreSQL $libdir/plugins Library Reload Backend Server Shutdown DoS

Internal Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/36314
BUGTRAQ	http://www.securityfocus.com/archive/1/archive/1/509917/100/0/threaded
CONFIRM	http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012 http://www.postgresql.org/docs/8.3/static/release-8-3-8.html http://www.postgresql.org/support/security.html https://bugzilla.redhat.com/show_bug.cgi?id=522092
DEBIAN	http://www.us.debian.org/security/2009/dsa-1900
FEDORA	https://www.redhat.com/archives/fedora-package-announce/2009-September/msg003... https://www.redhat.com/archives/fedora-package-announce/2009-September/msg003...
SECUNIA	http://secunia.com/advisories/36660 http://secunia.com/advisories/36727 http://secunia.com/advisories/36800 http://secunia.com/advisories/36837
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-66-270408-1
SUSE	http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
UBUNTU	http://www.ubuntu.com/usn/usn-834-1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:57:25	Multiple Updates

Type	Count
CPE ID(s)	23
osvdb(s)	1

Related	Severity
RHSA-2009:1461	(High)
HPSBMU02781 SSR...	(High)
GLSA-201110-22	(High)
USN-834-1	(Medium)
SUN-270408	(Medium)
MDVSA-2009:251-1	(Medium)
MDVSA-2009:177	(Medium)
DSA-1900	(Medium)