Lucene search

K
nessusTenable5546.PRM
HistoryMay 18, 2010 - 12:00 a.m.

PostgreSQL < 8.4.4/8.3.11/8.2.17/8.1.21/8.0.25/7.4.29 Multiple Vulnerabilities

2010-05-1800:00:00
Tenable
www.tenable.com
12

The remote host is running PostgreSQL earlier than 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, or 7.4.29. Such versions are potentially affected by multiple vulnerabilities.

  • A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled. (CVE-2010-1169)

  • Insecure permissions on the pltcl_modules table could allow an authenticated user to run arbitrary Tcl code on the database server i PL/Tcl is installed and enabled. (CVE-2010-1170)

  • The application does not properly check privileges during certain RESET ALL operations, which could allow a remote authenticated ser to remove arbitrary parameter settings via ALTER USER or ALTER DATABASE statements.

Binary data 5546.prm
VendorProductVersionCPE
postgresqlpostgresqlcpe:/a:postgresql:postgresql