Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2010:197 | First vendor Publication | 2010-10-06 |
Vendor | Mandriva | Last vendor Modification | 2010-10-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities was discovered and corrected in postgresql: An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges (CVE-2010-3433). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides a solution to these vulnerabilities. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:197 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12311 | |||
Oval ID: | oval:org.mitre.oval:def:12311 | ||
Title: | DSA-2120-1 postgresql-8.3 -- privilege escalation | ||
Description: | Tim Bunce discovered that PostgreSQL, a database server software, does not properly separate interpreters for server-side stored procedures which run in different security contexts. As a result, non-privileged authenticated database users might gain additional privileges. Note that this security update may impact intended communication through global variables between stored procedures. It might be necessary to convert these functions to run under the plperlu or pltclu languages, with database superuser privileges. This security update also includes unrelated bug fixes from PostgreSQL 8.3.12. For the stable distribution, this problem has been fixed in version 8.3_8.3.12-0lenny1. For the unstable distribution, this problem has been fixed in version 8.4.5-1 of the postgresql-8.4 package. We recommend that you upgrade your PostgreSQL packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2120-1 CVE-2010-3433 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | postgresql-8.3 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12988 | |||
Oval ID: | oval:org.mitre.oval:def:12988 | ||
Title: | USN-1002-2 -- postgresql-8.4 vulnerability | ||
Description: | USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. Original advisory details: It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1002-2 CVE-2010-3433 | Version: | 5 |
Platform(s): | Ubuntu 10.10 | Product(s): | postgresql-8.4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21895 | |||
Oval ID: | oval:org.mitre.oval:def:21895 | ||
Title: | RHSA-2010:0908: postgresql security update (Moderate) | ||
Description: | The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0908-01 CVE-2010-3433 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | postgresql |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23035 | |||
Oval ID: | oval:org.mitre.oval:def:23035 | ||
Title: | ELSA-2010:0908: postgresql security update (Moderate) | ||
Description: | The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0908-01 CVE-2010-3433 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | postgresql |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7291 | |||
Oval ID: | oval:org.mitre.oval:def:7291 | ||
Title: | Privilege-escalation vulnerability in PostgreSQL version less than or equal to 9.0 | ||
Description: | The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3433 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PostgreSQL |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-22 (postgresql-server postgresql-base) File : nvt/glsa_201110_22.nasl |
2011-08-09 | Name : CentOS Update for postgresql84 CESA-2010:0742 centos5 i386 File : nvt/gb_CESA-2010_0742_postgresql84_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for postgresql CESA-2010:0742 centos5 i386 File : nvt/gb_CESA-2010_0742_postgresql_centos5_i386.nasl |
2011-02-11 | Name : Fedora Update for postgresql FEDORA-2011-0963 File : nvt/gb_fedora_2011_0963_postgresql_fc13.nasl |
2010-12-02 | Name : Fedora Update for postgresql FEDORA-2010-15852 File : nvt/gb_fedora_2010_15852_postgresql_fc14.nasl |
2010-12-02 | Name : Fedora Update for sepostgresql FEDORA-2010-15870 File : nvt/gb_fedora_2010_15870_sepostgresql_fc14.nasl |
2010-11-23 | Name : Ubuntu Update for postgresql-8.4 vulnerability USN-1002-2 File : nvt/gb_ubuntu_USN_1002_2.nasl |
2010-11-17 | Name : Debian Security Advisory DSA 2120-1 (postgresql-8.3) File : nvt/deb_2120_1.nasl |
2010-11-04 | Name : Fedora Update for sepostgresql FEDORA-2010-16004 File : nvt/gb_fedora_2010_16004_sepostgresql_fc13.nasl |
2010-10-22 | Name : Fedora Update for postgresql FEDORA-2010-15954 File : nvt/gb_fedora_2010_15954_postgresql_fc12.nasl |
2010-10-22 | Name : Fedora Update for postgresql FEDORA-2010-15960 File : nvt/gb_fedora_2010_15960_postgresql_fc13.nasl |
2010-10-19 | Name : CentOS Update for postgresql CESA-2010:0742 centos4 i386 File : nvt/gb_CESA-2010_0742_postgresql_centos4_i386.nasl |
2010-10-19 | Name : RedHat Update for postgresql and postgresql84 RHSA-2010:0742-01 File : nvt/gb_RHSA-2010_0742-01_postgresql_and_postgresql84.nasl |
2010-10-19 | Name : Mandriva Update for postgresql MDVSA-2010:197 (postgresql) File : nvt/gb_mandriva_MDVSA_2010_197.nasl |
2010-10-19 | Name : Ubuntu Update for PostgreSQL vulnerability USN-1002-1 File : nvt/gb_ubuntu_USN_1002_1.nasl |
2010-10-06 | Name : PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability File : nvt/gb_postgresql_43747.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68436 | PostgreSQL PL perl / Tcl SECURITY DEFINER Function Crafted Script Code Execut... PostgreSQL contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when the PL/perl and PL/Tcl implementations fail to properly prevent different SQL users from executing scripts in the same session, allowing a remote authenticated attacker to use crafted script code in a SECURITY DEFINER function to gain elevated privileges, allowing the execution of SQL code with the privileges of the initial user. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-08-16 | IAVM : 2012-A-0136 - Multiple Vulnerabilities in Juniper Network Management Products Severity : Category I - VMSKEY : V0033662 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_postgresql-101019.nasl - Type : ACT_GATHER_INFO |
2013-09-13 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_2012_1.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0742.nasl - Type : ACT_GATHER_INFO |
2012-12-28 | Name : The remote database server is affected by a privilege escalation vulnerability. File : postgresql_20101005.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101123_postgresql_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101006_postgresql_and_postgresql84_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-10-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-22.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0908.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15870.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote Fedora host is missing a security update. File : fedora_2010-16004.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_postgresql-101019.nasl - Type : ACT_GATHER_INFO |
2010-10-28 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_postgresql-101012.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15960.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_postgresql-7186.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15954.nasl - Type : ACT_GATHER_INFO |
2010-10-18 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15852.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2120.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1002-1.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1002-2.nasl - Type : ACT_GATHER_INFO |
2010-10-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0742.nasl - Type : ACT_GATHER_INFO |
2010-10-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0742.nasl - Type : ACT_GATHER_INFO |
2010-10-07 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-197.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:41:46 |
|