The remote host is running PostgreSQL earlier than 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, or 7.4.29. Such versions are potentially affected by multiple vulnerabilities.
A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled. (CVE-2010-1169)
Insecure permissions on the pltcl_modules table could allow an authenticated user to run arbitrary Tcl code on the database server i PL/Tcl is installed and enabled. (CVE-2010-1170)
The application does not properly check privileges during certain RESET ALL operations, which could allow a remote authenticated ser to remove arbitrary parameter settings via ALTER USER or ALTER DATABASE statements.
Binary data 5546.prm
Vendor | Product | Version | CPE |
---|---|---|---|
postgresql | postgresql | cpe:/a:postgresql:postgresql |