Lucene search
Tenable5170.PRMHistorySep 14, 2009 - 12:00 a.m.
PostgreSQL Multiple Vulnerabilities
2009-09-1400:00:00
Tenable
www.tenable.com
14
The remote host is running PostgreSQL, a database application. The version of PostgreSQL is potentially affected by multiple issues :
-
Authenticated non-superusers can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there.
-
A privilege escalation issue allows some actions to be performed with superuser privileges instead of table owner privileges. This is related to the fix for CVE-2007-6600 which failed to include protection against misuse of ‘RESET SESSION AUTHORIZATION’.
-
If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.
Binary data 5170.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| postgresql | postgresql | cpe:/a:postgresql:postgresql |
Related
openvas
openvas
Fedora Core 11 FEDORA-2009-9473 (postgresql)
2009-09-15 00:00:00
Fedora Core 11 FEDORA-2009-9473 (postgresql)
2009-09-15 00:00:00
Fedora Core 10 FEDORA-2009-9474 (postgresql)
2009-09-15 00:00:00
postgresql
postgresql
Vulnerability in core server (CVE-2007-6600)
2008-01-09 21:46:00
veracode
veracode
Privilege Escalation
2020-04-10 00:19:40
Privilege Escalation
2020-04-10 00:37:07
fedora
fedora
[SECURITY] Fedora 11 Update: postgresql-8.3.8-1.fc11
2009-09-11 23:21:13
[SECURITY] Fedora 10 Update: postgresql-8.3.8-1.fc10
2009-09-11 23:21:46
[SECURITY] Fedora 8 Update: postgresql-8.2.6-1.fc8
2008-01-11 22:14:38
prion
prion
ubuntucve
ubuntucve
cve
cve
nessus
nessus
Oracle Linux 3 : postgresql (ELSA-2009-1485)
2013-07-12 00:00:00
CentOS 3 : postgresql (CESA-2009:1485)
2009-10-08 00:00:00
RHEL 3 : postgresql (RHSA-2009:1485)
2009-10-08 00:00:00
oraclelinux
oraclelinux
Moderate: postgresql security update
2008-01-11 00:00:00
Moderate: postgresql security update
2008-01-11 00:00:00
centos
centos
rh security update
2009-10-07 21:13:30
postgresql security update
2009-10-09 15:00:55
rh security update
2008-01-11 14:31:56
redhat
redhat
(RHSA-2009:1485) Moderate: postgresql security update
2009-10-07 00:00:00
(RHSA-2009:1484) Moderate: postgresql security update
2009-10-07 00:00:00
(RHSA-2008:0039) Moderate: postgresql security update
2008-01-11 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:333 ] postgresql
2009-12-15 00:00:00
[USN-834-1] PostgreSQL vulnerabilities
2009-09-22 00:00:00
PostgreSQL database server multiple security vulnerabilities
2008-01-08 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2009-09-21 00:00:00
PostgreSQL vulnerabilities
2008-01-14 00:00:00
freebsd
freebsd
postgresql -- multiple vulnerabilities
2009-11-20 00:00:00
postgresql -- multiple vulnerabilities
2008-01-06 00:00:00
suse
suse
remote code execution in postgresql
2008-02-06 10:24:49
osv
osv
postgresql-7.4 - several
2008-01-14 00:00:00
postgresql-8.1 - several
2008-01-13 00:00:00
debian
debian
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2008-01-29 00:00:00
Related for 5170.PRM