Executive Summary
Summary | |
---|---|
Title | postgresql security update |
Information | |||
---|---|---|---|
Name | RHSA-2005:150 | First vendor Publication | 2005-02-16 |
Vendor | RedHat | Last vendor Modification | 2005-02-16 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Problem Description:

Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

PostgreSQL is an advanced Object-Relational database management system (DBMS).

A flaw in the LOAD command in PostgreSQL was discovered. A local user could use this flaw to load arbitrary shared libraries and therefore execute arbitrary code, gaining the privileges of the PostgreSQL server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0227 to this issue.

Multiple buffer overflows were found in PL/PgSQL. A database user who has permissions to create plpgsql functions could trigger this flaw which could lead to arbitrary code execution, gaining the privileges of the PostgreSQL server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0245 and CAN-2005-0247 to these issues.

Users of PostgreSQL are advised to update to these erratum packages which are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

147703 - CAN-2005-0227 Multiple security and data-loss issues in PostgreSQL (CAN-2004-0977 CAN-2005-0245 CAN-2005-0247)
130818 - PostgreSQL can lose committed transactions
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-150.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9345 | |||
Oval ID: | oval:org.mitre.oval:def:9345 | ||
Title: | Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247. | ||
Description: | Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0247 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for PostgreSQL File : nvt/sles9p5010972.nasl |
2009-10-10 | Name : SLES9: Security update for postgresql File : nvt/sles9p5013194.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-16 (PostgreSQL) File : nvt/glsa_200410_16.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-08 (postgresql) File : nvt/glsa_200502_08.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-19 (postgresql) File : nvt/glsa_200502_19.nasl |
2008-09-04 | Name : FreeBSD Ports: postgresql-contrib File : nvt/freebsd_postgresql-contrib.nasl |
2008-09-04 | Name : FreeBSD Ports: postgresql, postgresql-server, ja-postgresql File : nvt/freebsd_postgresql.nasl |
2008-09-04 | Name : FreeBSD Ports: postgresql, postgresql-server, ja-postgresql File : nvt/freebsd_postgresql0.nasl |
2008-09-04 | Name : FreeBSD Ports: postgresql, postgresql-server, ja-postgresql File : nvt/freebsd_postgresql3.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 577-1 (postgresql) File : nvt/deb_577_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 683-1 (postgresql) File : nvt/deb_683_1.nasl |
2005-11-03 | Name : PostgreSQL insecure temporary file creation File : nvt/postgresql_tempfile.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
13896 | PostgreSQL make_fetch_stmt FETCH INTO Variables Overflow |
13895 | PostgreSQL make_select_stmt SELECT Variables Overflow |
13894 | PostgreSQL make_select_stmt SELECT INTO Variables Overflow |
13893 | PostgreSQL read_sql_construct SQL Variables Overflow |
13774 | PostgreSQL gram.y refcursor Function Argument Number Overflow |
13354 | PostgreSQL LOAD Arbitrary Command Execution |
10941 | PostgreSQL make_oidjoins_check Arbitrary File Overwrite PostgreSQL contains a flaw that may allow a malicious user to overwrite files. The issue is triggered due to the "make_oidjoins_check" script creating temporary files insecurely. It is possible that the flaw may allow a malicious user to overwrite another user's files, resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6a164d842f7f11d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2006-08-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_65c8ecf92adb11dba6e2000e0c2e438a.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-79-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-6-1.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-157.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-158.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_5d4251897a0311d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6b4b0b3f812711d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-04-21 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_027.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-138.nasl - Type : ACT_GATHER_INFO |
2005-02-18 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-040.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-683.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-150.nasl - Type : ACT_GATHER_INFO |
2005-02-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200502-19.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200502-08.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-141.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-125.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-124.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-668.nasl - Type : ACT_GATHER_INFO |
2005-02-03 | Name : It may be possible to run arbitrary commands on the remote server. File : postgresql_multiple_flaws2.nasl - Type : ACT_GATHER_INFO |
2004-12-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-489.nasl - Type : ACT_GATHER_INFO |
2004-12-14 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-149.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-577.nasl - Type : ACT_GATHER_INFO |
2004-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-16.nasl - Type : ACT_GATHER_INFO |
2004-10-04 | Name : The remote service is vulnerable to an unspecified flaw. File : postgresql_tempfile.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:49:05 |
|
2013-05-11 12:22:52 |
|