Lucene search
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2005-040.NASLHistoryFeb 18, 2005 - 12:00 a.m.
Mandrake Linux Security Advisory : postgresql (MDKSA-2005:040)
2005-02-1800:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
10
A number of vulnerabilities were found and corrected in the PostgreSQL DBMS :
A flaw in the LOAD command could be abused by a local user to load arbitrary shared libraries and as a result execute arbitrary code with the privileges of the user running the postgresql server (CVE-2005-0227).
A permission checking flaw was found where a local user could bypass the EXECUTE permission check for functions using the CREATE AGGREGATE command (CVE-2005-0244).
Multiple buffer overflows were discovered in PL/PgSQL. A database user with permission to create plpgsql functions could trigger these flaws which could then lead to arbitrary code execution with the privileges of the user running the postgresql server (CVE-2005-0245 and CVE-2005-0247).
Finally, a flaw in the integer aggregator (intagg) contrib module was found. A user could create carefully crafted arrays and crash the server, causing a Denial of Service (CVE-2005-0246).
The updated packages have been patched to correct these problems.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2005:040.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(17139);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2005-0227", "CVE-2005-0244", "CVE-2005-0245", "CVE-2005-0246", "CVE-2005-0247");
script_xref(name:"MDKSA", value:"2005:040");
script_name(english:"Mandrake Linux Security Advisory : postgresql (MDKSA-2005:040)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A number of vulnerabilities were found and corrected in the PostgreSQL
DBMS :
A flaw in the LOAD command could be abused by a local user to load
arbitrary shared libraries and as a result execute arbitrary code with
the privileges of the user running the postgresql server
(CVE-2005-0227).
A permission checking flaw was found where a local user could bypass
the EXECUTE permission check for functions using the CREATE AGGREGATE
command (CVE-2005-0244).
Multiple buffer overflows were discovered in PL/PgSQL. A database user
with permission to create plpgsql functions could trigger these flaws
which could then lead to arbitrary code execution with the privileges
of the user running the postgresql server (CVE-2005-0245 and
CVE-2005-0247).
Finally, a flaw in the integer aggregator (intagg) contrib module was
found. A user could create carefully crafted arrays and crash the
server, causing a Denial of Service (CVE-2005-0246).
The updated packages have been patched to correct these problems."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cwe_id(94, 119, 264);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ecpg3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ecpg3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pgtcl2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pgtcl2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pq3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pq3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libecpg3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libecpg3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpgtcl2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpgtcl2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpq3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpq3-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-contrib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-jdbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-pl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-tcl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-test");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
script_set_attribute(attribute:"patch_publication_date", value:"2005/02/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/18");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64ecpg3-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64ecpg3-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64pgtcl2-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64pgtcl2-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64pq3-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64pq3-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libecpg3-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libecpg3-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpgtcl2-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpgtcl2-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpq3-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpq3-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-contrib-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-devel-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-docs-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-jdbc-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-pl-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-server-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-tcl-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"postgresql-test-7.4.1-2.3.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64ecpg3-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64ecpg3-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64pgtcl2-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64pgtcl2-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64pq3-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64pq3-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libecpg3-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libecpg3-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpgtcl2-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpgtcl2-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpq3-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpq3-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-contrib-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-devel-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-docs-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-jdbc-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-pl-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-server-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-tcl-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.1", reference:"postgresql-test-7.4.5-4.2.101mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | lib64ecpg3 | p-cpe:/a:mandriva:linux:lib64ecpg3 |
| mandriva | linux | lib64ecpg3-devel | p-cpe:/a:mandriva:linux:lib64ecpg3-devel |
| mandriva | linux | lib64pgtcl2 | p-cpe:/a:mandriva:linux:lib64pgtcl2 |
| mandriva | linux | lib64pgtcl2-devel | p-cpe:/a:mandriva:linux:lib64pgtcl2-devel |
| mandriva | linux | lib64pq3 | p-cpe:/a:mandriva:linux:lib64pq3 |
| mandriva | linux | lib64pq3-devel | p-cpe:/a:mandriva:linux:lib64pq3-devel |
| mandriva | linux | libecpg3 | p-cpe:/a:mandriva:linux:libecpg3 |
| mandriva | linux | libecpg3-devel | p-cpe:/a:mandriva:linux:libecpg3-devel |
| mandriva | linux | libpgtcl2 | p-cpe:/a:mandriva:linux:libpgtcl2 |
| mandriva | linux | libpgtcl2-devel | p-cpe:/a:mandriva:linux:libpgtcl2-devel |
Related
nessus
nessus
RHEL 4 : postgresql (RHSA-2005:138)
2005-02-22 00:00:00
PostgreSQL < 7.2.7 / 7.3.9 / 7.4.7 / 8.0.1 Multiple Vulnerabilities
2005-02-03 00:00:00
RHEL 3 : rh-postgresql (RHSA-2005:141)
2005-02-14 00:00:00
openvas
openvas
SLES9: Security update for postgresql
2009-10-10 00:00:00
SLES9: Security update for postgresql
2009-10-10 00:00:00
FreeBSD Ports: postgresql, postgresql-server, ja-postgresql
2008-09-04 00:00:00
redhat
redhat
(RHSA-2005:141) rh-postgresql security update
2005-02-14 00:00:00
(RHSA-2005:138) postgresql security update
2005-02-15 00:00:00
(RHSA-2005:150) postgresql security update
2005-02-16 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2005-02-07 00:00:00
PostgreSQL: Buffer overflows in PL/PgSQL parser
2005-02-14 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2005-02-11 00:00:00
freebsd
freebsd
postgresql -- multiple vulnerabilities
2005-02-01 00:00:00
postgresql -- privilege escalation vulnerability
2005-01-21 00:00:00
postgresql -- multiple buffer overflows in PL/PgSQL parser
2005-02-07 00:00:00
debian
debian
[SECURITY] [DSA 683-1] New postgresql packages fix arbitrary code execution
2005-02-15 16:03:24
[SECURITY] [DSA 683-1] New postgresql packages fix arbitrary code execution
2005-02-15 16:03:24
ubuntucve
ubuntucve
cve
cve
osv
osv
postgresql - buffer overflows
2005-02-15 00:00:00
postgresql - privilege escalation
2005-02-04 00:00:00
postgresql
postgresql
Vulnerability in contrib module (CVE-2005-0246)
2005-05-02 04:00:00
Vulnerability in core server (CVE-2005-0245)
2005-02-01 05:00:00
Vulnerability in core server (CVE-2005-0227)
2005-05-02 04:00:00
suse
suse
remote code execution in postgresql
2005-04-20 08:52:32
race condition, arbitrary code execution in sudo
2005-06-24 12:44:43
remote code execution in cvs
2005-04-18 14:31:00
securityvulns
securityvulns
[Full-disclosure] SUSE Security Announcement: cvs (SUSE-SA:2005:024)
2005-04-18 00:00:00
Related for MANDRAKE_MDKSA-2005-040.NASL