Executive Summary
Summary | |
---|---|
Title | postgresql84 security update |
Information | |||
---|---|---|---|
Name | RHSA-2011:0198 | First vendor Publication | 2011-02-03 |
Vendor | RedHat | Last vendor Modification | 2011-02-03 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 8 | Authentication | Requires single instance |
Detail
Problem Description:

Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from an SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015)

Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue.

These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release.html

All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664402 - CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-0198.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12782 | |||
Oval ID: | oval:org.mitre.oval:def:12782 | ||
Title: | DSA-2157-1 postgresql-8.3, postgresql-8.4, postgresql-9.0 -- buffer overflow | ||
Description: | It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2157-1 CVE-2010-4015 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | postgresql-8.3, postgresql-8.4, postgresql-9.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21827 | |||
Oval ID: | oval:org.mitre.oval:def:21827 | ||
Title: | RHSA-2011:0198: postgresql84 security update (Moderate) | ||
Description: | Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0198-01 CESA-2011:0198 CVE-2010-4015 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | postgresql84 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23539 | |||
Oval ID: | oval:org.mitre.oval:def:23539 | ||
Title: | ELSA-2011:0197: postgresql security update (Moderate) | ||
Description: | Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0197-01 CVE-2010-4015 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | postgresql |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for postgresql CESA-2011:0197 centos4 x86_64 File : nvt/gb_CESA-2011_0197_postgresql_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for postgresql CESA-2011:0197 centos5 x86_64 File : nvt/gb_CESA-2011_0197_postgresql_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for postgresql84 CESA-2011:0198 centos5 x86_64 File : nvt/gb_CESA-2011_0198_postgresql84_centos5_x86_64.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base) File : nvt/glsa_201110_22.nasl |
2011-08-09 | Name : CentOS Update for postgresql CESA-2011:0197 centos5 i386 File : nvt/gb_CESA-2011_0197_postgresql_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for postgresql84 CESA-2011:0198 centos5 i386 File : nvt/gb_CESA-2011_0198_postgresql84_centos5_i386.nasl |
2011-02-11 | Name : CentOS Update for postgresql CESA-2011:0197 centos4 i386 File : nvt/gb_CESA-2011_0197_postgresql_centos4_i386.nasl |
2011-02-11 | Name : Fedora Update for postgresql FEDORA-2011-0963 File : nvt/gb_fedora_2011_0963_postgresql_fc13.nasl |
2011-02-11 | Name : Fedora Update for postgresql FEDORA-2011-0990 File : nvt/gb_fedora_2011_0990_postgresql_fc14.nasl |
2011-02-11 | Name : Mandriva Update for postgresql MDVSA-2011:021 (postgresql) File : nvt/gb_mandriva_MDVSA_2011_021.nasl |
2011-02-04 | Name : RedHat Update for postgresql RHSA-2011:0197-01 File : nvt/gb_RHSA-2011_0197-01_postgresql.nasl |
2011-02-04 | Name : RedHat Update for postgresql84 RHSA-2011:0198-01 File : nvt/gb_RHSA-2011_0198-01_postgresql84.nasl |
2011-02-04 | Name : Ubuntu Update for PostgreSQL vulnerability USN-1058-1 File : nvt/gb_ubuntu_USN_1058_1.nasl |
2011-02-02 | Name : PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability File : nvt/gb_postgresql_46084.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70740 | PostgreSQL intarray Module contrib/intarray/_int_bool.c gettoken() Function O... PostgreSQL is prone to an overflow condition. The 'gettoken' function in 'contrib/intarray/_int_bool.c' in the intarray array module fails to properly sanitize user-supplied input resulting in a buffer overflow. With specially crafted integers with large numbers of digits to unspecified functions, a remote authenticated attacker can potentially execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-08-16 | IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_postgresql-110217.nasl - Type : ACT_GATHER_INFO |
2013-09-13 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_2012_1.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0197.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0198.nasl - Type : ACT_GATHER_INFO |
2012-12-28 | Name : The remote database server is affected by a buffer overflow vulnerability. File : postgresql_20110201.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_postgresql_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_postgresql84_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7404.nasl - Type : ACT_GATHER_INFO |
2011-10-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-22.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_postgresql-110217.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0198.nasl - Type : ACT_GATHER_INFO |
2011-03-31 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7341.nasl - Type : ACT_GATHER_INFO |
2011-03-31 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_postgresql-110217.nasl - Type : ACT_GATHER_INFO |
2011-02-10 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0963.nasl - Type : ACT_GATHER_INFO |
2011-02-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-021.nasl - Type : ACT_GATHER_INFO |
2011-02-08 | Name : The remote Fedora host is missing a security update. File : fedora_2011-0990.nasl - Type : ACT_GATHER_INFO |
2011-02-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0197.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0198.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1058-1.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2157.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0197.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138826-12 File : solaris10_138826.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138823-12 File : solaris10_x86_138823.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138825-12 File : solaris10_x86_138825.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138827-12 File : solaris10_x86_138827.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138824-12 File : solaris10_138824.nasl - Type : ACT_GATHER_INFO |
2009-06-28 | Name : The remote host is missing Sun Security Patch number 138822-12 File : solaris10_138822.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137001-08 File : solaris10_x86_137001.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137005-09 File : solaris10_x86_137005.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137004-09 File : solaris10_137004.nasl - Type : ACT_GATHER_INFO |
2008-03-04 | Name : The remote host is missing Sun Security Patch number 137000-08 File : solaris10_137000.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote host is missing Sun Security Patch number 136999-10 File : solaris10_x86_136999.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote host is missing Sun Security Patch number 136998-10 File : solaris10_136998.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:54:19 |
|