6 - CVE-2010-1170

Executive Summary

Informations
Name	CVE-2010-1170	First vendor Publication	2010-05-19
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Cvss Base Score	6	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	6.8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-264	Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10510

Oval ID:	oval:org.mitre.oval:def:10510
Title:	The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.
Description:	The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2010-1170	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section rh-postgresql-devel is earlier than 0:7.3.21-3 AND rh-postgresql-server is earlier than 0:7.3.21-3 AND rh-postgresql-python is earlier than 0:7.3.21-3 AND rh-postgresql-libs is earlier than 0:7.3.21-3 AND rh-postgresql-docs is earlier than 0:7.3.21-3 AND rh-postgresql-test is earlier than 0:7.3.21-3 AND rh-postgresql-pl is earlier than 0:7.3.21-3 AND rh-postgresql-tcl is earlier than 0:7.3.21-3 AND rh-postgresql is earlier than 0:7.3.21-3 AND rh-postgresql-contrib is earlier than 0:7.3.21-3 AND rh-postgresql-jdbc is earlier than 0:7.3.21-3 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section postgresql is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-docs is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-pl is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-tcl is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-libs is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-contrib is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-python is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-test is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-jdbc is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-server is earlier than 0:7.4.29-1.el4_8.1 AND postgresql-devel is earlier than 0:7.4.29-1.el4_8.1 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section postgresql84-server is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84-plpython is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84-libs is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84-devel is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84-python is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84-plperl is earlier than 0:8.4.4-1.el5_5.1 AND postgresql-server is earlier than 0:8.1.21-1.el5_5.1 AND postgresql84-test is earlier than 0:8.4.4-1.el5_5.1 AND postgresql-devel is earlier than 0:8.1.21-1.el5_5.1 AND postgresql is earlier than 0:8.1.21-1.el5_5.1 AND postgresql84-tcl is earlier than 0:8.4.4-1.el5_5.1 AND postgresql-docs is earlier than 0:8.1.21-1.el5_5.1 AND postgresql-pl is earlier than 0:8.1.21-1.el5_5.1 AND postgresql-libs is earlier than 0:8.1.21-1.el5_5.1 AND postgresql-tcl is earlier than 0:8.1.21-1.el5_5.1 AND postgresql84-pltcl is earlier than 0:8.4.4-1.el5_5.1 AND postgresql-contrib is earlier than 0:8.1.21-1.el5_5.1 AND postgresql-python is earlier than 0:8.1.21-1.el5_5.1 AND postgresql84-contrib is earlier than 0:8.4.4-1.el5_5.1 AND postgresql-test is earlier than 0:8.1.21-1.el5_5.1 AND postgresql84-docs is earlier than 0:8.4.4-1.el5_5.1 AND postgresql84 is earlier than 0:8.4.4-1.el5_5.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Postgresql cpe:2.3:a:postgresql:postgresql:9.0.0:beta1:::::: cpe:2.3:a:postgresql:postgresql:8.4.3:::::::* cpe:2.3:a:postgresql:postgresql:8.4.2:::::::* cpe:2.3:a:postgresql:postgresql:8.4.1:::::::* cpe:2.3:a:postgresql:postgresql:8.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.9:::::::* cpe:2.3:a:postgresql:postgresql:8.3.8:::::::* cpe:2.3:a:postgresql:postgresql:8.3.7:::::::* cpe:2.3:a:postgresql:postgresql:8.3.6:::::::* cpe:2.3:a:postgresql:postgresql:8.3.5:::::::* cpe:2.3:a:postgresql:postgresql:8.3.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.3:::::::* cpe:2.3:a:postgresql:postgresql:8.3.2:::::::* cpe:2.3:a:postgresql:postgresql:8.3.10:::::::* cpe:2.3:a:postgresql:postgresql:8.3.1:::::::* cpe:2.3:a:postgresql:postgresql:8.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.9:::::::* cpe:2.3:a:postgresql:postgresql:8.2.8:::::::* cpe:2.3:a:postgresql:postgresql:8.2.7:::::::* cpe:2.3:a:postgresql:postgresql:8.2.6:::::::* cpe:2.3:a:postgresql:postgresql:8.2.5:::::::* cpe:2.3:a:postgresql:postgresql:8.2.4:::::::* cpe:2.3:a:postgresql:postgresql:8.2.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.2:::::::* cpe:2.3:a:postgresql:postgresql:8.2.16:::::::* cpe:2.3:a:postgresql:postgresql:8.2.15:::::::* cpe:2.3:a:postgresql:postgresql:8.2.14:::::::* cpe:2.3:a:postgresql:postgresql:8.2.13:::::::* cpe:2.3:a:postgresql:postgresql:8.2.12:::::::* cpe:2.3:a:postgresql:postgresql:8.2.11:::::::* cpe:2.3:a:postgresql:postgresql:8.2.10:::::::* cpe:2.3:a:postgresql:postgresql:8.2.1:::::::* cpe:2.3:a:postgresql:postgresql:8.2:::::::* cpe:2.3:a:postgresql:postgresql:8.1.9:::::::* cpe:2.3:a:postgresql:postgresql:8.1.8:::::::* cpe:2.3:a:postgresql:postgresql:8.1.7:::::::* cpe:2.3:a:postgresql:postgresql:8.1.6:::::::* cpe:2.3:a:postgresql:postgresql:8.1.5:::::::* cpe:2.3:a:postgresql:postgresql:8.1.4:::::::* cpe:2.3:a:postgresql:postgresql:8.1.3:::::::* cpe:2.3:a:postgresql:postgresql:8.1.20:::::::* cpe:2.3:a:postgresql:postgresql:8.1.2:::::::* cpe:2.3:a:postgresql:postgresql:8.1.19:::::::* cpe:2.3:a:postgresql:postgresql:8.1.18:::::::* cpe:2.3:a:postgresql:postgresql:8.1.17:::::::* cpe:2.3:a:postgresql:postgresql:8.1.16:::::::* cpe:2.3:a:postgresql:postgresql:8.1.15:::::::* cpe:2.3:a:postgresql:postgresql:8.1.14:::::::* cpe:2.3:a:postgresql:postgresql:8.1.13:::::::* cpe:2.3:a:postgresql:postgresql:8.1.12:::::::* cpe:2.3:a:postgresql:postgresql:8.1.11:::::::* cpe:2.3:a:postgresql:postgresql:8.1.10:::::::* cpe:2.3:a:postgresql:postgresql:8.1.1:::::::* cpe:2.3:a:postgresql:postgresql:8.1.0:::::::* cpe:2.3:a:postgresql:postgresql:8.1:::::::* cpe:2.3:a:postgresql:postgresql:8.0.9:::::::* cpe:2.3:a:postgresql:postgresql:8.0.8:::::::* cpe:2.3:a:postgresql:postgresql:8.0.7:::::::* cpe:2.3:a:postgresql:postgresql:8.0.6:::::::* cpe:2.3:a:postgresql:postgresql:8.0.5:::::::* cpe:2.3:a:postgresql:postgresql:8.0.4:::::::* cpe:2.3:a:postgresql:postgresql:8.0.3:::::::* cpe:2.3:a:postgresql:postgresql:8.0.24:::::::* cpe:2.3:a:postgresql:postgresql:8.0.23:::::::* cpe:2.3:a:postgresql:postgresql:8.0.22:::::::* cpe:2.3:a:postgresql:postgresql:8.0.21:::::::* cpe:2.3:a:postgresql:postgresql:8.0.20:::::::* cpe:2.3:a:postgresql:postgresql:8.0.2:::::::* cpe:2.3:a:postgresql:postgresql:8.0.19:::::::* cpe:2.3:a:postgresql:postgresql:8.0.18:::::::* cpe:2.3:a:postgresql:postgresql:8.0.17:::::::* cpe:2.3:a:postgresql:postgresql:8.0.16:::::::* cpe:2.3:a:postgresql:postgresql:8.0.15:::::::* cpe:2.3:a:postgresql:postgresql:8.0.14:::::::* cpe:2.3:a:postgresql:postgresql:8.0.13:::::::* cpe:2.3:a:postgresql:postgresql:8.0.12:::::::* cpe:2.3:a:postgresql:postgresql:8.0.11:::::::* cpe:2.3:a:postgresql:postgresql:8.0.10:::::::* cpe:2.3:a:postgresql:postgresql:8.0.1:::::::* cpe:2.3:a:postgresql:postgresql:8.0.0:::::::* cpe:2.3:a:postgresql:postgresql:8.0:::::::* cpe:2.3:a:postgresql:postgresql:7.4.9:::::::* cpe:2.3:a:postgresql:postgresql:7.4.8:::::::* cpe:2.3:a:postgresql:postgresql:7.4.7:::::::* cpe:2.3:a:postgresql:postgresql:7.4.6:::::::* cpe:2.3:a:postgresql:postgresql:7.4.5:::::::* cpe:2.3:a:postgresql:postgresql:7.4.4:::::::* cpe:2.3:a:postgresql:postgresql:7.4.3:::::::* cpe:2.3:a:postgresql:postgresql:7.4.28:::::::* cpe:2.3:a:postgresql:postgresql:7.4.27:::::::* cpe:2.3:a:postgresql:postgresql:7.4.26:::::::* cpe:2.3:a:postgresql:postgresql:7.4.25:::::::* cpe:2.3:a:postgresql:postgresql:7.4.24:::::::* cpe:2.3:a:postgresql:postgresql:7.4.23:::::::* cpe:2.3:a:postgresql:postgresql:7.4.22:::::::* cpe:2.3:a:postgresql:postgresql:7.4.21:::::::* cpe:2.3:a:postgresql:postgresql:7.4.20:::::::* cpe:2.3:a:postgresql:postgresql:7.4.2:::::::* cpe:2.3:a:postgresql:postgresql:7.4.19:::::::* cpe:2.3:a:postgresql:postgresql:7.4.18:::::::* cpe:2.3:a:postgresql:postgresql:7.4.17:::::::* cpe:2.3:a:postgresql:postgresql:7.4.16:::::::* cpe:2.3:a:postgresql:postgresql:7.4.15:::::::* cpe:2.3:a:postgresql:postgresql:7.4.14:::::::* cpe:2.3:a:postgresql:postgresql:7.4.13:::::::* cpe:2.3:a:postgresql:postgresql:7.4.12:::::::* cpe:2.3:a:postgresql:postgresql:7.4.11:::::::* cpe:2.3:a:postgresql:postgresql:7.4.10:::::::* cpe:2.3:a:postgresql:postgresql:7.4.1:::::::* cpe:2.3:a:postgresql:postgresql:7.4:::::::*	110

OpenVAS Exploits

Date	Description
2012-02-12	Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base) File : nvt/glsa_201110_22.nasl
2011-08-09	Name : CentOS Update for postgresql CESA-2010:0429 centos5 i386 File : nvt/gb_CESA-2010_0429_postgresql_centos5_i386.nasl
2011-08-09	Name : CentOS Update for postgresql84 CESA-2010:0430 centos5 i386 File : nvt/gb_CESA-2010_0430_postgresql84_centos5_i386.nasl
2011-02-11	Name : Fedora Update for postgresql FEDORA-2011-0963 File : nvt/gb_fedora_2011_0963_postgresql_fc13.nasl
2010-12-02	Name : Fedora Update for sepostgresql FEDORA-2010-15870 File : nvt/gb_fedora_2010_15870_sepostgresql_fc14.nasl
2010-11-04	Name : Fedora Update for sepostgresql FEDORA-2010-16004 File : nvt/gb_fedora_2010_16004_sepostgresql_fc13.nasl
2010-10-22	Name : Fedora Update for postgresql FEDORA-2010-15954 File : nvt/gb_fedora_2010_15954_postgresql_fc12.nasl
2010-10-22	Name : Fedora Update for postgresql FEDORA-2010-15960 File : nvt/gb_fedora_2010_15960_postgresql_fc13.nasl
2010-06-03	Name : Debian Security Advisory DSA 2051-1 (postgresql-8.3) File : nvt/deb_2051_1.nasl
2010-05-28	Name : RedHat Update for postgresql84 RHSA-2010:0430-01 File : nvt/gb_RHSA-2010_0430-01_postgresql84.nasl
2010-05-28	Name : RedHat Update for postgresql RHSA-2010:0429-01 File : nvt/gb_RHSA-2010_0429-01_postgresql.nasl
2010-05-28	Name : RedHat Update for postgresql RHSA-2010:0428-01 File : nvt/gb_RHSA-2010_0428-01_postgresql.nasl
2010-05-28	Name : RedHat Update for postgresql RHSA-2010:0427-01 File : nvt/gb_RHSA-2010_0427-01_postgresql.nasl
2010-05-28	Name : Fedora Update for postgresql FEDORA-2010-8715 File : nvt/gb_fedora_2010_8715_postgresql_fc12.nasl
2010-05-28	Name : Fedora Update for postgresql FEDORA-2010-8723 File : nvt/gb_fedora_2010_8723_postgresql_fc11.nasl
2010-05-28	Name : CentOS Update for postgresql CESA-2010:0428 centos4 i386 File : nvt/gb_CESA-2010_0428_postgresql_centos4_i386.nasl
2010-05-28	Name : Mandriva Update for postgresql MDVSA-2010:103 (postgresql) File : nvt/gb_mandriva_MDVSA_2010_103.nasl
2010-05-28	Name : Ubuntu Update for PostgreSQL vulnerabilities USN-942-1 File : nvt/gb_ubuntu_USN_942_1.nasl
2010-05-28	Name : CentOS Update for rh-postgresql CESA-2010:0427 centos3 i386 File : nvt/gb_CESA-2010_0427_rh-postgresql_centos3_i386.nasl
2010-05-19	Name : PostgreSQL Multiple Security Vulnerabilities File : nvt/gb_postgresql_40215.nasl
2010-03-22	Name : Mandriva Update for poppler MDVA-2010:103 (poppler) File : nvt/gb_mandriva_MDVA_2010_103.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
64757	PostgreSQL PL / Tcl Implementation pltcl_modules Table Permission Weakness Ar...

Information Assurance Vulnerability Management (IAVM)

Date	Description
2012-08-16	IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662

Nessus® Vulnerability Scanner

Date	Description
2013-09-13	Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_2012_1.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0430.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0428.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0427.nasl - Type : ACT_GATHER_INFO
2012-12-28	Name : The remote database server is affected by multiple vulnerabilities. File : postgresql_20100517.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100519_postgresql_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100519_postgresql84_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-10-25	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-22.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_postgresql-100525.nasl - Type : ACT_GATHER_INFO
2010-10-29	Name : The remote Fedora host is missing a security update. File : fedora_2010-15870.nasl - Type : ACT_GATHER_INFO
2010-10-28	Name : The remote Fedora host is missing a security update. File : fedora_2010-16004.nasl - Type : ACT_GATHER_INFO
2010-10-11	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7053.nasl - Type : ACT_GATHER_INFO
2010-07-14	Name : The remote openSUSE host is missing a security update. File : suse_11_2_postgresql-100525.nasl - Type : ACT_GATHER_INFO
2010-07-14	Name : The remote openSUSE host is missing a security update. File : suse_11_1_postgresql-100525.nasl - Type : ACT_GATHER_INFO
2010-07-14	Name : The remote openSUSE host is missing a security update. File : suse_11_0_postgresql-100525.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-8723.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-8715.nasl - Type : ACT_GATHER_INFO
2010-07-01	Name : The remote Fedora host is missing a security update. File : fedora_2010-8696.nasl - Type : ACT_GATHER_INFO
2010-06-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0430.nasl - Type : ACT_GATHER_INFO
2010-06-01	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2010-05-25	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2051.nasl - Type : ACT_GATHER_INFO
2010-05-24	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-942-1.nasl - Type : ACT_GATHER_INFO
2010-05-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0427.nasl - Type : ACT_GATHER_INFO
2010-05-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0428.nasl - Type : ACT_GATHER_INFO
2010-05-21	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-103.nasl - Type : ACT_GATHER_INFO
2010-05-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0430.nasl - Type : ACT_GATHER_INFO
2010-05-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0429.nasl - Type : ACT_GATHER_INFO
2010-05-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0428.nasl - Type : ACT_GATHER_INFO
2010-05-20	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0427.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041559.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041579.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041591.html
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://marc.info/?l=bugtraq&m=134124585221119&w=2
http://marc.info/?l=bugtraq&m=134124585221119&w=2
http://osvdb.org/64757
http://secunia.com/advisories/39815
http://secunia.com/advisories/39820
http://secunia.com/advisories/39845
http://secunia.com/advisories/39898
http://secunia.com/advisories/39939
http://www.debian.org/security/2010/dsa-2051
http://www.mandriva.com/security/advisories?name=MDVSA-2010:103
http://www.openwall.com/lists/oss-security/2010/05/20/5
http://www.postgresql.org/about/news.1203
http://www.postgresql.org/docs/current/static/release-7-4-29.html
http://www.postgresql.org/docs/current/static/release-8-0-25.html
http://www.postgresql.org/docs/current/static/release-8-1-21.html
http://www.postgresql.org/docs/current/static/release-8-2-17.html
http://www.postgresql.org/docs/current/static/release-8-3-11.html
http://www.postgresql.org/docs/current/static/release-8-4-4.html
http://www.postgresql.org/support/security
http://www.redhat.com/support/errata/RHSA-2010-0427.html
http://www.redhat.com/support/errata/RHSA-2010-0428.html
http://www.redhat.com/support/errata/RHSA-2010-0429.html
http://www.redhat.com/support/errata/RHSA-2010-0430.html
http://www.securityfocus.com/bid/40215
http://www.securitytracker.com/id?1023987
http://www.vupen.com/english/advisories/2010/1167
http://www.vupen.com/english/advisories/2010/1182
http://www.vupen.com/english/advisories/2010/1197
http://www.vupen.com/english/advisories/2010/1198
http://www.vupen.com/english/advisories/2010/1207
http://www.vupen.com/english/advisories/2010/1221
https://bugzilla.redhat.com/show_bug.cgi?id=583072
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 23:08:33	Multiple Updates
2024-11-28 12:21:31	Multiple Updates
2021-05-04 12:11:28	Multiple Updates
2021-04-22 01:11:56	Multiple Updates
2020-05-23 00:25:31	Multiple Updates
2017-09-19 09:23:42	Multiple Updates
2016-08-23 09:24:37	Multiple Updates
2016-06-28 18:06:21	Multiple Updates
2016-04-26 19:41:55	Multiple Updates
2014-02-17 10:54:29	Multiple Updates
2013-11-11 12:38:43	Multiple Updates
2013-05-10 23:21:29	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	110
Sources(s)	37
osvdb(s)	1
Openvas Exploit(s)	21
IAVM(s)	1
Nessus® Exploit(s)	30

	Related
8.5	USN-942-1
8.5	RHSA-2010:0430
8.5	RHSA-2010:0429
8.5	RHSA-2010:0428
8.5	RHSA-2010:0427
8.5	MDVSA-2010:103
8.5	HPSBMU02781 SSR...
8.5	GLSA-201110-22
8.5	DSA-2051
0	CVE-2010-1974
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

6 - CVE-2010-1170

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU