6.5 - RHSA-2011:0198

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	postgresql84 security update

Informations
Name	RHSA-2011:0198	First vendor Publication	2011-02-03
Vendor	RedHat	Last vendor Modification	2011-02-03
Severity (Vendor)	Moderate	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score	6.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from an SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially-crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015)

Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue.

These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes:

http://www.postgresql.org/docs/8.4/static/release.html

All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

664402 - CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2011-0198.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-189	Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12782

Oval ID:	oval:org.mitre.oval:def:12782
Title:	DSA-2157-1 postgresql-8.3, postgresql-8.4, postgresql-9.0 -- buffer overflow
Description:	It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.
Family:	unix	Class:	patch
Reference(s):	DSA-2157-1 CVE-2010-4015	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	postgresql-8.3, postgresql-8.4, postgresql-9.0
Definition Synopsis:
Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND postgresql-8.3, postgresql-8.4, postgresql-9.0 DPKG is earlier than 8.3.14-0lenny1 of the postgresql-8.3 package

Definition Id: oval:org.mitre.oval:def:13707

Oval ID:	oval:org.mitre.oval:def:13707
Title:	USN-1058-1 -- postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability
Description:	Geoff Keating reported that a buffer overflow exists in the intarray module�s input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user.
Family:	unix	Class:	patch
Reference(s):	USN-1058-1 CVE-2010-4015	Version:	5
Platform(s):	Ubuntu 8.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06	Product(s):	postgresql-8.1 postgresql-8.3 postgresql-8.4
Definition Synopsis:
Release section Ubuntu 8.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section postgresql-doc-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-doc DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-client DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-contrib DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql DPKG is earlier than 8.3.14-0ubuntu8.04 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is lpia AND Packages section postgresql-client-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libecpg6 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libpq-dev DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-plpython-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-contrib-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-server-dev-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libpgtypes3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libecpg-dev DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-pltcl-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libpq5 DPKG is earlier than 8.3.14-0ubuntu8.04 AND postgresql-plperl-8.3 DPKG is earlier than 8.3.14-0ubuntu8.04 AND libecpg-compat3 DPKG is earlier than 8.3.14-0ubuntu8.04 OR Release section Ubuntu 10.10 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section postgresql-doc-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-client DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-contrib DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-doc DPKG is earlier than 8.4.7-0ubuntu0.10.10 OR Architecture depended section Supported architectures section Installed architecture is powerpc AND Installed architecture is armel AND Installed architecture is amd64 AND Installed architecture is i386 AND Packages section postgresql-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-client-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libecpg6 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-pltcl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-plpython-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libpq5 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libpq-dev DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-server-dev-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libecpg-dev DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-contrib-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libpgtypes3 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND postgresql-plperl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.10 AND libecpg-compat3 DPKG is earlier than 8.4.7-0ubuntu0.10.10 OR Release section Ubuntu 10.04 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section postgresql-doc-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-client DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-contrib DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-doc DPKG is earlier than 8.4.7-0ubuntu0.10.04 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is i386 AND Installed architecture is powerpc AND Installed architecture is sparc AND Installed architecture is armel AND Packages section postgresql-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-contrib-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-client-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libecpg6 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-pltcl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-plpython-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libpq-dev DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-server-dev-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libecpg-dev DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libpq5 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libpgtypes3 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND postgresql-plperl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.10.04 AND libecpg-compat3 DPKG is earlier than 8.4.7-0ubuntu0.10.04 OR Release section Ubuntu 9.10 is installed AND Architecture section Architecture independent section Installed architecture is all AND Packages section postgresql-doc-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-client DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-contrib DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-doc DPKG is earlier than 8.4.7-0ubuntu0.9.10 OR Architecture depended section Supported architectures section Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is lpia AND Packages section postgresql-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-client-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libecpg6 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-pltcl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-plpython-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libpq5 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libpq-dev DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-server-dev-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libecpg-dev DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-contrib-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libpgtypes3 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND postgresql-plperl-8.4 DPKG is earlier than 8.4.7-0ubuntu0.9.10 AND libecpg-compat3 DPKG is earlier than 8.4.7-0ubuntu0.9.10 OR Release section Ubuntu 6.06 is installed AND Architecture section Architecture independent section Installed architecture is all AND postgresql-doc-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 OR Architecture depended section Supported architectures section Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is amd64 AND Installed architecture is i386 AND Packages section postgresql-client-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-contrib-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libecpg5 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-pltcl-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-server-dev-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libpgtypes2 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libecpg-dev DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-plpython-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libpq4 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libpq-dev DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND postgresql-plperl-8.1 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1 AND libecpg-compat2 DPKG is earlier than 8.1.23-0ubuntu0.6.06.1

Definition Id: oval:org.mitre.oval:def:21138

Oval ID:	oval:org.mitre.oval:def:21138
Title:	RHSA-2011:0197: postgresql security update (Moderate)
Description:	Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:0197-01 CVE-2010-4015 CESA-2011:0197-CentOS 5	Version:	6
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	postgresql
Definition Synopsis:
Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section postgresql-devel is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-pl is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-server is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-test is earlier than 0:8.1.23-1.el5_6.1 AND postgresql is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-contrib is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-docs is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-libs is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-python is earlier than 0:8.1.23-1.el5_6.1 AND postgresql-tcl is earlier than 0:8.1.23-1.el5_6.1 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 Packages match section postgresql is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-contrib is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-debuginfo is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-devel is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-docs is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-libs is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-plperl is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-plpython is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-pltcl is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-server is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-test is earlier than 0:8.4.7-1.el6_0.1

Definition Id: oval:org.mitre.oval:def:21827

Oval ID:	oval:org.mitre.oval:def:21827
Title:	RHSA-2011:0198: postgresql84 security update (Moderate)
Description:	Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:0198-01 CESA-2011:0198 CVE-2010-4015	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	postgresql84
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section postgresql84-tcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-docs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-python is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plpython is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-libs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-test is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-server is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plperl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-pltcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-devel is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84 is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-contrib is earlier than 0:8.4.7-1.el5_6.1

Definition Id: oval:org.mitre.oval:def:23125

Oval ID:	oval:org.mitre.oval:def:23125
Title:	ELSA-2011:0198: postgresql84 security update (Moderate)
Description:	Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0198-01 CVE-2010-4015	Version:	6
Platform(s):	Oracle Linux 5	Product(s):	postgresql84
Definition Synopsis:
Oracle Linux 5.x rpm test postgresql84-tcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-docs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-python is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plpython is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-libs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-test is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-server is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plperl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-pltcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-devel is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84 is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-contrib is earlier than 0:8.4.7-1.el5_6.1

Definition Id: oval:org.mitre.oval:def:23539

Oval ID:	oval:org.mitre.oval:def:23539
Title:	ELSA-2011:0197: postgresql security update (Moderate)
Description:	Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0197-01 CVE-2010-4015	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	postgresql
Definition Synopsis:
Oracle Linux 6.x rpm test postgresql is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-server is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-libs is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-devel is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-pltcl is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-plpython is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-docs is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-plperl is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-test is earlier than 0:8.4.7-1.el6_0.1 AND postgresql-contrib is earlier than 0:8.4.7-1.el6_0.1

Definition Id: oval:org.mitre.oval:def:27731

Oval ID:	oval:org.mitre.oval:def:27731
Title:	DEPRECATED: ELSA-2011-0198 -- postgresql84 security update (moderate)
Description:	[8.4.7-1.el5_6.1] - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html http://www.postgresql.org/docs/8.4/static/release-8-4-6.html including the fix for CVE-2010-4015 Resolves: #672636 - Ensure we don't package any .gitignore files from the source tarball
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-0198 CVE-2010-4015	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	postgresql84
Definition Synopsis:
Oracle Linux 5.x Packages match section postgresql84 is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-contrib is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-devel is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-docs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-libs is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plperl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-plpython is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-pltcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-python is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-server is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-tcl is earlier than 0:8.4.7-1.el5_6.1 AND postgresql84-test is earlier than 0:8.4.7-1.el5_6.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Postgresql cpe:2.3:a:postgresql:postgresql:9.0.2:::::::* cpe:2.3:a:postgresql:postgresql:9.0.1:::::::* cpe:2.3:a:postgresql:postgresql:9.0:::::::* cpe:2.3:a:postgresql:postgresql:8.4.6:::::::* cpe:2.3:a:postgresql:postgresql:8.4.5:::::::* cpe:2.3:a:postgresql:postgresql:8.4.4:::::::* cpe:2.3:a:postgresql:postgresql:8.4.3:::::::* cpe:2.3:a:postgresql:postgresql:8.4.2:::::::* cpe:2.3:a:postgresql:postgresql:8.4.1:::::::* cpe:2.3:a:postgresql:postgresql:8.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.9:::::::* cpe:2.3:a:postgresql:postgresql:8.3.8:::::::* cpe:2.3:a:postgresql:postgresql:8.3.7:::::::* cpe:2.3:a:postgresql:postgresql:8.3.6:::::::* cpe:2.3:a:postgresql:postgresql:8.3.5:::::::* cpe:2.3:a:postgresql:postgresql:8.3.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.3:::::::* cpe:2.3:a:postgresql:postgresql:8.3.2:::::::* cpe:2.3:a:postgresql:postgresql:8.3.13:::::::* cpe:2.3:a:postgresql:postgresql:8.3.12:::::::* cpe:2.3:a:postgresql:postgresql:8.3.11:::::::* cpe:2.3:a:postgresql:postgresql:8.3.10:::::::* cpe:2.3:a:postgresql:postgresql:8.3.1:::::::* cpe:2.3:a:postgresql:postgresql:8.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.9:::::::* cpe:2.3:a:postgresql:postgresql:8.2.8:::::::* cpe:2.3:a:postgresql:postgresql:8.2.7:::::::* cpe:2.3:a:postgresql:postgresql:8.2.6:::::::* cpe:2.3:a:postgresql:postgresql:8.2.5:::::::* cpe:2.3:a:postgresql:postgresql:8.2.4:::::::* cpe:2.3:a:postgresql:postgresql:8.2.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.2:::::::* cpe:2.3:a:postgresql:postgresql:8.2.19:::::::* cpe:2.3:a:postgresql:postgresql:8.2.18:::::::* cpe:2.3:a:postgresql:postgresql:8.2.17:::::::* cpe:2.3:a:postgresql:postgresql:8.2.16:::::::* cpe:2.3:a:postgresql:postgresql:8.2.15:::::::* cpe:2.3:a:postgresql:postgresql:8.2.14:::::::* cpe:2.3:a:postgresql:postgresql:8.2.13:::::::* cpe:2.3:a:postgresql:postgresql:8.2.12:::::::* cpe:2.3:a:postgresql:postgresql:8.2.11:::::::* cpe:2.3:a:postgresql:postgresql:8.2.10:::::::* cpe:2.3:a:postgresql:postgresql:8.2.1:::::::* cpe:2.3:a:postgresql:postgresql:8.2:::::::*	44

OpenVAS Exploits

Date	Description
2012-07-30	Name : CentOS Update for postgresql CESA-2011:0197 centos4 x86_64 File : nvt/gb_CESA-2011_0197_postgresql_centos4_x86_64.nasl
2012-07-30	Name : CentOS Update for postgresql CESA-2011:0197 centos5 x86_64 File : nvt/gb_CESA-2011_0197_postgresql_centos5_x86_64.nasl
2012-07-30	Name : CentOS Update for postgresql84 CESA-2011:0198 centos5 x86_64 File : nvt/gb_CESA-2011_0198_postgresql84_centos5_x86_64.nasl
2012-02-12	Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base) File : nvt/glsa_201110_22.nasl
2011-08-09	Name : CentOS Update for postgresql CESA-2011:0197 centos5 i386 File : nvt/gb_CESA-2011_0197_postgresql_centos5_i386.nasl
2011-08-09	Name : CentOS Update for postgresql84 CESA-2011:0198 centos5 i386 File : nvt/gb_CESA-2011_0198_postgresql84_centos5_i386.nasl
2011-02-11	Name : CentOS Update for postgresql CESA-2011:0197 centos4 i386 File : nvt/gb_CESA-2011_0197_postgresql_centos4_i386.nasl
2011-02-11	Name : Fedora Update for postgresql FEDORA-2011-0963 File : nvt/gb_fedora_2011_0963_postgresql_fc13.nasl
2011-02-11	Name : Fedora Update for postgresql FEDORA-2011-0990 File : nvt/gb_fedora_2011_0990_postgresql_fc14.nasl
2011-02-11	Name : Mandriva Update for postgresql MDVSA-2011:021 (postgresql) File : nvt/gb_mandriva_MDVSA_2011_021.nasl
2011-02-04	Name : RedHat Update for postgresql RHSA-2011:0197-01 File : nvt/gb_RHSA-2011_0197-01_postgresql.nasl
2011-02-04	Name : RedHat Update for postgresql84 RHSA-2011:0198-01 File : nvt/gb_RHSA-2011_0198-01_postgresql84.nasl
2011-02-04	Name : Ubuntu Update for PostgreSQL vulnerability USN-1058-1 File : nvt/gb_ubuntu_USN_1058_1.nasl
2011-02-02	Name : PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability File : nvt/gb_postgresql_46084.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
70740	PostgreSQL intarray Module contrib/intarray/_int_bool.c gettoken() Function O... PostgreSQL is prone to an overflow condition. The 'gettoken' function in 'contrib/intarray/_int_bool.c' in the intarray array module fails to properly sanitize user-supplied input resulting in a buffer overflow. With specially crafted integers with large numbers of digits to unspecified functions, a remote authenticated attacker can potentially execute arbitrary code.

Description

70740

PostgreSQL intarray Module contrib/intarray/_int_bool.c gettoken() Function O...

PostgreSQL is prone to an overflow condition. The 'gettoken' function in 'contrib/intarray/_int_bool.c' in the intarray array module fails to properly sanitize user-supplied input resulting in a buffer overflow. With specially crafted integers with large numbers of digits to unspecified functions, a remote authenticated attacker can potentially execute arbitrary code.

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-08-16	IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662

Nessus® Vulnerability Scanner

Date	Description
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_postgresql-110217.nasl - Type : ACT_GATHER_INFO
2013-09-13	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_2012_1.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0197.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0198.nasl - Type : ACT_GATHER_INFO
2012-12-28	Name : The remote database server is affected by a buffer overflow vulnerability. File : postgresql_20110201.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_postgresql_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_postgresql84_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7404.nasl - Type : ACT_GATHER_INFO
2011-10-25	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-22.nasl - Type : ACT_GATHER_INFO
2011-05-05	Name : The remote openSUSE host is missing a security update. File : suse_11_2_postgresql-110217.nasl - Type : ACT_GATHER_INFO
2011-04-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0198.nasl - Type : ACT_GATHER_INFO
2011-03-31	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7341.nasl - Type : ACT_GATHER_INFO
2011-03-31	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_postgresql-110217.nasl - Type : ACT_GATHER_INFO
2011-02-10	Name : The remote Fedora host is missing a security update. File : fedora_2011-0963.nasl - Type : ACT_GATHER_INFO
2011-02-08	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-021.nasl - Type : ACT_GATHER_INFO
2011-02-08	Name : The remote Fedora host is missing a security update. File : fedora_2011-0990.nasl - Type : ACT_GATHER_INFO
2011-02-06	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0197.nasl - Type : ACT_GATHER_INFO
2011-02-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0198.nasl - Type : ACT_GATHER_INFO
2011-02-04	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1058-1.nasl - Type : ACT_GATHER_INFO
2011-02-04	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2157.nasl - Type : ACT_GATHER_INFO
2011-02-04	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0197.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138826-12 File : solaris10_138826.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138823-12 File : solaris10_x86_138823.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138825-12 File : solaris10_x86_138825.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138827-12 File : solaris10_x86_138827.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138824-12 File : solaris10_138824.nasl - Type : ACT_GATHER_INFO
2009-06-28	Name : The remote host is missing Sun Security Patch number 138822-12 File : solaris10_138822.nasl - Type : ACT_GATHER_INFO
2008-03-04	Name : The remote host is missing Sun Security Patch number 137001-08 File : solaris10_x86_137001.nasl - Type : ACT_GATHER_INFO
2008-03-04	Name : The remote host is missing Sun Security Patch number 137005-09 File : solaris10_x86_137005.nasl - Type : ACT_GATHER_INFO
2008-03-04	Name : The remote host is missing Sun Security Patch number 137004-09 File : solaris10_137004.nasl - Type : ACT_GATHER_INFO
2008-03-04	Name : The remote host is missing Sun Security Patch number 137000-08 File : solaris10_137000.nasl - Type : ACT_GATHER_INFO
2008-02-05	Name : The remote host is missing Sun Security Patch number 136999-10 File : solaris10_x86_136999.nasl - Type : ACT_GATHER_INFO
2008-02-05	Name : The remote host is missing Sun Security Patch number 136998-10 File : solaris10_136998.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:54:19	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	7
CPE ID(s)	44
osvdb(s)	1
Openvas Exploit(s)	14
IAVM(s)	1
Nessus® Exploit(s)	33

	Related
6.5	CVE-2010-4015
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)