ID SUSE_SA_2002_038.NASL Type nessus Reporter This script is Copyright (C) 2004-2021 Tenable Network Security, Inc. Modified 2004-07-25T00:00:00
Description
The remote host is missing the patch for the advisory SUSE-SA:2002:038 (postgresql).
The PostgreSQL Object-Relational DBMS was found vulnerable to several
security related buffer overflow problems.
The buffer overflows are located in:
* handling long datetime input
* lpad() and rpad() function with multibyte
* repeat() function
* TZ and SET TIME ZONE environment variables
These bugs can only be exploited by attackers who already have access to the
PostgreSQL server; exploiting them yields the privileges of the postgres user ID.
The PostgreSQL package is not installed by default.
A temporary fix is not known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
the update.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2002:038
#
# Engine capability guard: stop without output when the interpreter does not
# provide bn_random().
# NOTE(review): presumably a proxy for a minimum engine build - confirm. A scan
# run on an engine lacking the function gets no result from this plugin, which
# a report reader cannot tell apart from "host not affected".
if (!defined_func("bn_random"))
  exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration pass: when the engine loads the plugin with `description` set,
# only the metadata below is recorded and the script exits before any check.
if (description)
{
  script_id(13759);
  script_version("1.13");

  # Only this one CVE is tagged, although the description text lists four
  # overflow locations (datetime input, lpad()/rpad(), repeat(), TZ / SET TIME
  # ZONE). NOTE(review): confirm whether the other locations have identifiers
  # of their own; CVE-based report filters will otherwise only ever see this one.
  script_cve_id("CVE-2002-0972");

  script_name(english:"SUSE-SA:2002:038: postgresql");

  script_set_attribute(attribute:"synopsis", value:"The remote host is missing a vendor-supplied security patch");

  # Advisory text, kept verbatim: it is what the report shows to the analyst.
  script_set_attribute(attribute:"description", value:"The remote host is missing the patch for the advisory SUSE-SA:2002:038 (postgresql).
The PostgreSQL Object-Relational DBMS was found vulnerable to several
security related buffer overflow problems.
The buffer overflows are located in:
* handling long datetime input
* lpad() and rpad() function with multibyte
* repeat() function
* TZ and SET TIME ZONE environment variables
These bugs could just be exploited by attackers who have access to the
postgresql server to gain the privileges postgres user ID .
The PostgreSQL package is not installed by default.
A temporary fix is not known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply
the update.");

  # The "solution" field is only the advisory URL; the remediation itself
  # (install the updated packages) is stated in the description text above.
  script_set_attribute(attribute:"solution", value:"http://www.suse.de/security/2002_038_postgresql.html");

  # CVSS v2 base vector: local access vector, low complexity, no
  # authentication, partial impact on confidentiality, integrity, availability.
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
  script_end_attributes();

  script_summary(english:"Check for the version of the postgresql package");

  # Information-gathering category: the check compares package versions only.
  script_category(ACT_GATHER_INFO);

  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  # The plugin is scheduled only when the KB already holds Host/SuSE/rpm-list.
  # NOTE(review): presumably ssh_get_info.nasl fills that key from a
  # credentialed login - confirm. Without it the plugin never runs, so a scan
  # with failed or missing credentials reports nothing for this advisory.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/SuSE/rpm-list");
  exit(0);
}
include("rpm.inc");

# Reference builds named by the advisory for SUSE 7.3, in evaluation order.
# NOTE(review): rpm_check() presumably returns true when the installed package
# is older than the reference - confirm against rpm.inc.
suse73_refs = make_list(
  "postgresql-libs-7.1.3-116",
  "postgresql-7.1.3-116",
  "postgresql-contrib-7.1.3-116",
  "postgresql-devel-7.1.3-116",
  "postgresql-docs-7.1.3-116",
  "postgresql-jdbc-7.1.3-116",
  "postgresql-odbc-7.1.3-116",
  "postgresql-perl-7.1.3-116",
  "postgresql-python-7.1.3-116",
  "postgresql-server-7.1.3-116",
  "postgresql-tcl-7.1.3-116",
  "postgresql-test-7.1.3-116",
  "postgresql-tk-7.1.3-116"
);

# Reference builds named by the advisory for SUSE 8.0, in evaluation order.
suse80_refs = make_list(
  "postgresql-libs-7.2-103",
  "postgresql-7.2-103",
  "postgresql-contrib-7.2-103",
  "postgresql-devel-7.2-103",
  "postgresql-docs-7.2-103",
  "postgresql-jdbc-7.2-103",
  "postgresql-odbc-7.2-103",
  "postgresql-perl-7.2-103",
  "postgresql-python-7.2-103",
  "postgresql-server-7.2-103",
  "postgresql-tcl-7.2-103",
  "postgresql-test-7.2-103",
  "postgresql-tk-7.2-103"
);

# The first matching package raises the finding and ends the script, so a host
# gets at most one warning from this plugin. security_warning(0) is called
# without a report string: nothing in this script names the package that
# matched, so triage has to compare the host's package list with the lists above.
foreach ref (suse73_refs)
{
  if (rpm_check(reference:ref, release:"SUSE7.3"))
  {
    security_warning(0);
    exit(0);
  }
}

foreach ref (suse80_refs)
{
  if (rpm_check(reference:ref, release:"SUSE8.0"))
  {
    security_warning(0);
    exit(0);
  }
}

# Reached only when no check above fired (every match exits first).
# The second rpm_exists() call runs only if the first one is false, matching
# the short-circuit of the original `||`.
pgsql_present = rpm_exists(rpm:"postgresql-", release:"SUSE7.3");
if (!pgsql_present)
  pgsql_present = rpm_exists(rpm:"postgresql-", release:"SUSE8.0");

# NOTE(review): the KB flag presumably records that a postgresql package is
# installed on a covered release and passed the version checks - confirm how
# other plugins consume the "CVE-2002-0972" key.
if (pgsql_present)
{
  set_kb_item(name:"CVE-2002-0972", value:TRUE);
}
{"id": "SUSE_SA_2002_038.NASL", "bulletinFamily": "scanner", "title": "SUSE-SA:2002:038: postgresql", "description": "The remote host is missing the patch for the advisory SUSE-SA:2002:038 (postgresql).\n\n\nThe PostgreSQL Object-Relational DBMS was found vulnerable to several\nsecurity related buffer overflow problems.\nThe buffer overflows are located in:\n* handling long datetime input\n* lpad() and rpad() function with multibyte\n* repeat() function\n* TZ and SET TIME ZONE environment variables\nThese bugs could just be exploited by attackers who have access to the\npostgresql server to gain the privileges postgres user ID .\n\nThe PostgreSQL package is not installed by default.\nA temporary fix is not known.\n\nPlease download the update package for your distribution and verify its\nintegrity by the methods listed in section 3) of this announcement.\nThen, install the package using the command 'rpm -Fhv file.rpm' to apply\nthe update.", "published": "2004-07-25T00:00:00", "modified": "2004-07-25T00:00:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/13759", "reporter": "This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.", "references": [], "cvelist": ["CVE-2002-0972"], "type": "nessus", "lastseen": "2021-01-17T14:14:42", "edition": 24, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-0972"]}, {"type": "osvdb", "idList": ["OSVDB:9503"]}, {"type": "openvas", "idList": ["OPENVAS:53421"]}, {"type": "debian", "idList": ["DEBIAN:DSA-165-1:CF4E4"]}, {"type": "suse", "idList": ["SUSE-SA:2002:038", "SUSE-SA:2002:039"]}, {"type": "redhat", "idList": ["RHSA-2002:301"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2002-062.NASL", "DEBIAN_DSA-165.NASL", "REDHAT-RHSA-2002-301.NASL"]}], "modified": "2021-01-17T14:14:42", "rev": 2}, "score": {"value": 6.9, "vector": "NONE", "modified": "2021-01-17T14:14:42", "rev": 2}, "vulnersScore": 
6.9}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2002:038\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(13759);\n script_version(\"1.13\");\n script_cve_id(\"CVE-2002-0972\");\n \n name[\"english\"] = \"SUSE-SA:2002:038: postgresql\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2002:038 (postgresql).\n\n\nThe PostgreSQL Object-Relational DBMS was found vulnerable to several\nsecurity related buffer overflow problems.\nThe buffer overflows are located in:\n* handling long datetime input\n* lpad() and rpad() function with multibyte\n* repeat() function\n* TZ and SET TIME ZONE environment variables\nThese bugs could just be exploited by attackers who have access to the\npostgresql server to gain the privileges postgres user ID .\n\nThe PostgreSQL package is not installed by default.\nA temporary fix is not known.\n\nPlease download the update package for your distribution and verify its\nintegrity by the methods listed in section 3) of this announcement.\nThen, install the package using the command 'rpm -Fhv file.rpm' to apply\nthe update.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/2002_038_postgresql.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/07/25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the postgresql package\";\n 
script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"postgresql-libs-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-contrib-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-devel-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-docs-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-jdbc-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-odbc-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-perl-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-python-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-server-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-tcl-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-test-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-tk-7.1.3-116\", release:\"SUSE7.3\") )\n{\n security_warning(0);\n 
exit(0);\n}\nif ( rpm_check( reference:\"postgresql-libs-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-contrib-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-devel-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-docs-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-jdbc-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-odbc-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-perl-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-python-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-server-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-tcl-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-test-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"postgresql-tk-7.2-103\", release:\"SUSE8.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif (rpm_exists(rpm:\"postgresql-\", release:\"SUSE7.3\")\n || rpm_exists(rpm:\"postgresql-\", release:\"SUSE8.0\") )\n{\n set_kb_item(name:\"CVE-2002-0972\", value:TRUE);\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "13759", "cpe": [], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:19:06", "description": "Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.", "edition": 4, "cvss3": {}, "published": "2002-09-24T04:00:00", "title": "CVE-2002-0972", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2002-0972"], "modified": "2016-10-18T02:23:00", "cpe": ["cpe:/a:postgresql:postgresql:7.2.1", "cpe:/a:postgresql:postgresql:7.1.2", "cpe:/a:postgresql:postgresql:7.1.1", "cpe:/a:postgresql:postgresql:6.5.3", "cpe:/a:postgresql:postgresql:7.1", "cpe:/a:postgresql:postgresql:6.3.2", "cpe:/a:postgresql:postgresql:7.2"], "id": "CVE-2002-0972", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0972", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:postgresql:postgresql:6.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:7.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:6.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "cvelist": ["CVE-2002-0972"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMail List Post: 
http://archives.neohapsis.com/archives/bugtraq/2002-08/0205.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-08/0258.html\nISS X-Force ID: 9927\n[CVE-2002-0972](https://vulners.com/cve/CVE-2002-0972)\nBugtraq ID: 5528\n", "modified": "2002-08-20T00:00:00", "published": "2002-08-20T00:00:00", "id": "OSVDB:9503", "href": "https://vulners.com/osvdb/OSVDB:9503", "title": "PostgreSQL Multiple Function Long Argument Overflow", "type": "osvdb", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:49:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-0972"], "description": "The remote host is missing an update to postgresql\nannounced via advisory DSA 165-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53421", "href": "http://plugins.openvas.org/nasl.php?oid=53421", "type": "openvas", "title": "Debian Security Advisory DSA 165-1 (postgresql)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_165_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 165-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mordred Labs and others found several vulnerabilities in PostgreSQL,\nan object-relational SQL database. They are inherited from several\nbuffer overflows and integer overflows. Specially crafted long date\nand time input, currency, repeat data and long timezone names could\ncause the PostgreSQL server to crash as well as specially crafted\ninput data for lpad() and rpad(). More buffer/integer overflows were\nfound in circle_poly(), path_encode() and path_addr().\n\nExcept for the last three, these problems are fixed in the upstream\nrelease 7.2.2 of PostgreSQL which is the recommended version to use.\n\nMost of these problems do not exist in the version of PostgreSQL that\nDebian ships in the potato release since the corresponding\nfunctionality is not yet implemented. However, PostgreSQL 6.5.3 is\nquite old and may bear more risks than we are aware of, which may\ninclude further buffer overflows, and certainly include bugs that\nthreaten the integrity of your data.\n\nYou are strongly advised not to use this release but to upgrade your\nsystem to Debian 3.0 (stable) including PostgreSQL release 7.2.1\ninstead, where many bugs have been fixed and new features introduced\nto increase compatibility with the SQL standards.\n\nIf you consider an upgrade, please make sure to dump the entire\ndatabase system using the pg_dumpall utility. Please take into\nconsideration that the newer PostgreSQL is more strict in its input\nhandling. This means that tests line foo = NULL which are not valid\nwon't be accepted anymore. 
It also means that when using UNICODE\nencoding, ISO 8859-1 and ISO 8859-15 are no longer valid incoding to\nuse when inserting data into the relation. In such a case you are\nadvised to convert the dump in question using recode latin1..utf-16.\n\nThese problems have been fixed in version 7.2.1-2woody2 for the\ncurrent stable distribution (woody) and in version 7.2.2-2 for the\nunstable distribution (sid). The old stable distribution (potato) is\npartially affected and we ship a fixed version 6.5.3-27.2 for it.\n\nWe recommend that you upgrade your PostgreSQL packages.\";\ntag_summary = \"The remote host is missing an update to postgresql\nannounced via advisory DSA 165-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20165-1\";\n\nif(description)\n{\n script_id(53421);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:24:46 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2002-0972\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 165-1 (postgresql)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"postgresql-doc\", ver:\"6.5.3-27.2\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql\", ver:\"6.5.3-27.2\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client\", ver:\"6.5.3-27.2\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib\", ver:\"6.5.3-27.2\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-dev\", ver:\"6.5.3-27.2\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-doc\", ver:\"7.2.1-2woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql\", ver:\"7.2.1-2woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client\", ver:\"7.2.1-2woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib\", ver:\"7.2.1-2woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-dev\", ver:\"7.2.1-2woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], 
"debian": [{"lastseen": "2019-05-30T02:21:53", "bulletinFamily": "unix", "cvelist": ["CVE-2002-0972"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 165-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nSeptember 12th, 2002 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : postgresql\nVulnerability : buffer overflows\nProblem-Type : remote\nDebian-specific: no\nCVE Id : CAN-2002-0972\n\nMordred Labs and others found several vulnerabilities in PostgreSQL,\nan object-relational SQL database. They are inherited from several\nbuffer overflows and integer overflows. Specially crafted long date\nand time input, currency, repeat data and long timezone names could\ncause the PostgreSQL server to crash as well as specially crafted\ninput data for lpad() and rpad(). More buffer/integer overflows were\nfound in circle_poly(), path_encode() and path_addr().\n\nExcept for the last three, these problems are fixed in the upstream\nrelease 7.2.2 of PostgreSQL which is the recommended version to use.\n\nMost of these problems do not exist in the version of PostgreSQL that\nDebian ships in the potato release since the corresponding\nfunctionality is not yet implemented. However, PostgreSQL 6.5.3 is\nquite old and may bear more risks than we are aware of, which may\ninclude further buffer overflows, and certainly include bugs that\nthreaten the integrity of your data.\n\nYou are strongly advised not to use this release but to upgrade your\nsystem to Debian 3.0 (stable) including PostgreSQL release 7.2.1\ninstead, where many bugs have been fixed and new features introduced\nto increase compatibility with the SQL standards.\n\nIf you consider an upgrade, please make sure to dump the entire\ndatabase system using the pg_dumpall utility. 
Please take into\nconsideration that the newer PostgreSQL is more strict in its input\nhandling. This means that tests line "foo = NULL" which are not valid\nwon't be accepted anymore. It also means that when using UNICODE\nencoding, ISO 8859-1 and ISO 8859-15 are no longer valid incoding to\nuse when inserting data into the relation. In such a case you are\nadvised to convert the dump in question using recode latin1..utf-16.\n\nThese problems have been fixed in version 7.2.1-2woody2 for the\ncurrent stable distribution (woody) and in version 7.2.2-2 for the\nunstable distribution (sid). The old stable distribution (potato) is\npartially affected and we ship a fixed version 6.5.3-27.2 for it.\n\nWe recommend that you upgrade your PostgreSQL packages.\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 2.2 alias potato\n- ---------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2.dsc\n Size/MD5 checksum: 898 0c0e93f2ccf5ce9facc4a465b6292cd8\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2.diff.gz\n Size/MD5 checksum: 156968 5f2ef24ed154bd4de57dc5726ac3cc86\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3.orig.tar.gz\n Size/MD5 checksum: 6833791 098d1ee4316500a2d033ced3ebd5b831\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-doc_6.5.3-27.2_all.deb\n Size/MD5 checksum: 2174496 79be7470e7ed11d31a42fc39c9a2d31c\n\n Alpha architecture:\n\n 
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_alpha.deb\n Size/MD5 checksum: 881594 8e998e45147625c1193cdd2d76ce2180\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_alpha.deb\n Size/MD5 checksum: 99800 de594d91602d7488e15b17c791177b3c\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_alpha.deb\n Size/MD5 checksum: 105720 fb4db53673387a3d2316be3c2c712553\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_alpha.deb\n Size/MD5 checksum: 263928 9236097a2fd2563f553eddc1837dcec0\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_arm.deb\n Size/MD5 checksum: 722526 007e62202fdc2e90e035089dffd72b14\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_arm.deb\n Size/MD5 checksum: 89978 fcf9df5c2492ab78004327e001ef2c1f\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_arm.deb\n Size/MD5 checksum: 97820 01a66c480ee709733b28fe052f2c2374\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_arm.deb\n Size/MD5 checksum: 239052 971adf428f0eb32f57e6ac028f653c2d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_i386.deb\n Size/MD5 checksum: 687334 8b448ec3a6c1e6cd52bca10b5cc48cc3\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_i386.deb\n Size/MD5 checksum: 88128 4d3b874a135665ff355001fada0fddef\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_i386.deb\n Size/MD5 checksum: 95942 0ebcebc831c984a7b18d61cbed5875a0\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_i386.deb\n Size/MD5 checksum: 233256 a15449922f2ac541b2ef6c5d108c9e80\n\n Motorola 680x0 architecture:\n\n 
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_m68k.deb\n Size/MD5 checksum: 648568 04bfd07630393444bf0fe0fe9cddec46\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_m68k.deb\n Size/MD5 checksum: 83542 13ff333a8d436d4c35a9edbcf609c695\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_m68k.deb\n Size/MD5 checksum: 95810 dbe390fa02b7e6fd8c851504e9ee038f\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_m68k.deb\n Size/MD5 checksum: 231918 20a4eb3180cae532ecbcd0746606c324\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_powerpc.deb\n Size/MD5 checksum: 730152 1e02e009522175777d1e07baadf19278\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_powerpc.deb\n Size/MD5 checksum: 87736 3ebcf8ca5a0865b5098cd38a5bd21330\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_powerpc.deb\n Size/MD5 checksum: 99108 f18306dbdc39f59fec68ebe698200b24\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_powerpc.deb\n Size/MD5 checksum: 251990 c55b7e233046b78b82f14312b3bd7ef5\n\n Sun Sparc architecture:\n\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_sparc.deb\n Size/MD5 checksum: 715944 7508c6790fa0a27d2c1f0e3aeee05a7a\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_sparc.deb\n Size/MD5 checksum: 94714 764b44e5556ddf84f8bbabc76932d3f2\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_sparc.deb\n Size/MD5 checksum: 99438 7f9e005d970e914886a796733e8fb9d7\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_sparc.deb\n Size/MD5 checksum: 235090 412d135c6f5b2f811ca1829fc58971cc\n\n\nDebian GNU/Linux 3.0 alias woody\n- 
--------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2.dsc\n Size/MD5 checksum: 966 608f67b79934e98459ca278879f6b742\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2.diff.gz\n Size/MD5 checksum: 108324 c02c93a8b361d3da4c0703aeb68618ba\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1.orig.tar.gz\n Size/MD5 checksum: 9237680 d075e9c49135899645dff57bc58d6233\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-doc_7.2.1-2woody2_all.deb\n Size/MD5 checksum: 1962362 e881e3b62e524dcfd36fc20624939ab5\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_alpha.deb\n Size/MD5 checksum: 1816268 50ac206e7e3493b672014f6ecc70010d\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_alpha.deb\n Size/MD5 checksum: 319026 130d19aee5351f6411c8af835ddbf7bc\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_alpha.deb\n Size/MD5 checksum: 386660 ec7f4c9403549db4664722aea7e68f3d\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_alpha.deb\n Size/MD5 checksum: 539598 426361b14677071337cda4782720b7e1\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_arm.deb\n Size/MD5 checksum: 1599594 2bb62ee39fdb23117a668a42efbf61e0\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_arm.deb\n Size/MD5 checksum: 284670 b570f4e391beba66b94bed46e238b210\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_arm.deb\n Size/MD5 checksum: 340194 279f464364be344e21122cefbb409e49\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_arm.deb\n Size/MD5 checksum: 
509944 2997e961cad38ebaed1462885a33964e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_i386.deb\n Size/MD5 checksum: 1550462 57b8949853a7b1b85b91c40e0ff6f50f\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_i386.deb\n Size/MD5 checksum: 280466 d0322e0e9297ed7f93e742c3a7c87e3e\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_i386.deb\n Size/MD5 checksum: 329492 a499acbee40aee5044a9777f6f208cf0\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_i386.deb\n Size/MD5 checksum: 495648 4cbe718afd5717d2b463a799a7963c48\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_ia64.deb\n Size/MD5 checksum: 2091424 ae4a192a487d27d92365905e6b6a140c\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_ia64.deb\n Size/MD5 checksum: 362760 2f369d4f74f31c0ee49f253ace0ba341\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_ia64.deb\n Size/MD5 checksum: 434010 97aa15eaf45c8126455410832aace650\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_ia64.deb\n Size/MD5 checksum: 554460 cc2b261cbc7d74395955787538ee1be4\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_hppa.deb\n Size/MD5 checksum: 1825936 d4123b1fb38be1b5f590c7647ac67d09\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_hppa.deb\n Size/MD5 checksum: 303976 2ed721a638cc122e9df2c7c8d9c3136c\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_hppa.deb\n Size/MD5 checksum: 371292 eca7dda3a5770e9559431c91591bd011\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_hppa.deb\n 
Size/MD5 checksum: 523432 39037260439d1a0e7657057081b025ac\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_m68k.deb\n Size/MD5 checksum: 1582574 0821e366132154d678a265eb905fafea\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_m68k.deb\n Size/MD5 checksum: 269228 4f0d8a52aab71f35ed927ecb8b459a04\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_m68k.deb\n Size/MD5 checksum: 324506 defc39e7b301a0e8e3eaa31e95f44bd1\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_m68k.deb\n Size/MD5 checksum: 489576 d0e07f1c808bcea4b079ee666af89e18\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_mips.deb\n Size/MD5 checksum: 1749892 038f144371c532a7054310ebafc0fabf\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_mips.deb\n Size/MD5 checksum: 293452 5f2933c441851dc091e5fd3689883333\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_mips.deb\n Size/MD5 checksum: 343074 88123045ac6311fcaf75a04123d99a11\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_mips.deb\n Size/MD5 checksum: 514694 87275f4241190fef029bd5550b1bc60f\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_mipsel.deb\n Size/MD5 checksum: 1661496 549f289431252de4a3f568e70ea239aa\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_mipsel.deb\n Size/MD5 checksum: 293778 cd3985f57d9146bf029e8b1341305ba3\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_mipsel.deb\n Size/MD5 checksum: 342846 27b7dc830124cd7172da925d2cd41a28\n 
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_mipsel.deb\n Size/MD5 checksum: 511992 ce6368fcf94ea24f99b03ed966ae3a1b\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_powerpc.deb\n Size/MD5 checksum: 1700298 110f547a75ef7e029cf0a85f6d0371b4\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_powerpc.deb\n Size/MD5 checksum: 287804 89157efe96d18948dc2be1e3197c6ce8\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_powerpc.deb\n Size/MD5 checksum: 341156 62010d6c0229a9be34dfadba6d596a27\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_powerpc.deb\n Size/MD5 checksum: 510338 62a64b00fa3d6778684e9d09ea1a7184\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_s390.deb\n Size/MD5 checksum: 1655658 338ea4946f02a733a5847fa21691a69b\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_s390.deb\n Size/MD5 checksum: 281394 7d1dd1d5cc597d0a4cd3ce4fce711c1f\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_s390.deb\n Size/MD5 checksum: 337208 cbecafbcf64329be5f1427c1dfd53611\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_s390.deb\n Size/MD5 checksum: 500784 b96c9bc7ef7f7f6af453c97bc1847c3d\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_sparc.deb\n Size/MD5 checksum: 1671132 f7ce98738c9fffd61d249b25e85e64d4\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_sparc.deb\n Size/MD5 checksum: 288190 ed62e7c92a30fd818e4758ab5c37ceaa\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_sparc.deb\n Size/MD5 checksum: 370490 
7416f29f108b2583a040c0211d2050ac\n http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_sparc.deb\n Size/MD5 checksum: 501558 8c0f2688e7cdc815c49b88a2772c3ceb\n\n Please note that all python source packages produce more binary\n packages than the ones listed above. They are not relevant for the\n fixed problems, though.\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2002-09-12T00:00:00", "published": "2002-09-12T00:00:00", "id": "DEBIAN:DSA-165-1:CF4E4", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2002/msg00085.html", "title": "[SECURITY] [DSA 165-1] New PostgreSQL packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:28:41", "bulletinFamily": "unix", "cvelist": ["CVE-2002-0972", "CVE-2002-0839", "CVE-2002-1200"], "description": "The syslog-ng package is a portable syslog implementation which can be used as syslogd replacement. Syslog-ng contained buffer overflows in its macro expansion routines. These overflows could be triggered by remote attackers if certain configuration options were enabled. Syslog-ng is not used by default on SuSE Linux, and even if installed, the problematic options are not enabled by default. We recommend an update of the syslog-ng package nevertheless if you use syslog-ng for logging. 
To be sure the update takes effect you have to restart the daemon by issuing the following command as root:", "edition": 1, "modified": "2002-10-31T10:25:06", "published": "2002-10-31T10:25:06", "id": "SUSE-SA:2002:039", "href": "http://lists.opensuse.org/opensuse-security-announce/2002-10/msg00012.html", "type": "suse", "title": "remote command execution in syslog-ng", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:56:36", "bulletinFamily": "unix", "cvelist": ["CVE-2002-1398", "CVE-2002-1402", "CVE-2002-0972", "CVE-2002-1400"], "description": "The PostgreSQL Object-Relational DBMS was found vulnerable to several security related buffer overflow problems. The buffer overflows are located in: * handling long datetime input * lpad() and rpad() function with multibyte * repeat() function * TZ and SET TIME ZONE environment variables These bugs could only be exploited by attackers who have access to the postgresql server, to gain the privileges of the postgres user ID.", "edition": 1, "modified": "2002-10-21T15:54:39", "published": "2002-10-21T15:54:39", "id": "SUSE-SA:2002:038", "href": "http://lists.opensuse.org/opensuse-security-announce/2002-10/msg00010.html", "type": "suse", "title": "remote privilege escalation in postgresql", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:41", "bulletinFamily": "unix", "cvelist": ["CVE-2002-0972", "CVE-2002-1397", "CVE-2002-1398", "CVE-2002-1400", "CVE-2002-1401", "CVE-2002-1402"], "description": "PostgreSQL is an advanced Object-Relational database management system\n(DBMS). Red Hat Linux Advanced Server 2.1 shipped with PostgreSQL version\n7.1.3 which has several security vulnerabilities. \n\nBuffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of\nservice and possibly execute arbitrary code via long arguments to the lpad\nor rpad functions. 
CAN-2002-0972\n\nBuffer overflow in the cash_words() function for PostgreSQL 7.2 and\nearlier allows local users to cause a denial of service and possibly\nexecute arbitrary code via a malformed argument. CAN-2002-1397\n\nBuffer overflow in the date parser for PostgreSQL before 7.2.2 allows\nattackers to cause a denial of service and possibly execute arbitrary\ncode via a long date string, referred to as a vulnerability \"in handling\nlong datetime input.\" CAN-2002-1398\n\nHeap-based buffer overflow in the repeat() function for PostgreSQL\nbefore 7.2.2 allows attackers to execute arbitrary code by causing\nrepeat() to generate a large string. CAN-2002-1400\n\nBuffer overflows in circle_poly, path_encode, and path_add allow attackers\nto cause a denial of service and possibly execute arbitrary code. Note\nthat these issues have been fixed in our packages and in PostgreSQL CVS,\nbut are not included in PostgreSQL version 7.2.2 or 7.2.3. CAN-2002-1401\n\nBuffer overflows in the TZ and SET TIME ZONE environment variables for\nPostgreSQL 7.2.1 and earlier allow local users to cause a denial of service\nand possibly execute arbitrary code. 
CAN-2002-1402\n\nNote that these vulnerabilities are only critical on open or shared systems\nbecause connecting to the database is required before the vulnerabilities\ncan be exploited.\n\nThe PostgreSQL Global Development Team has released versions of PostgreSQL\nthat fix these vulnerabilities, and these fixes have been isolated and\nbackported into the updated 7.1.3 packages provided with this errata.\nAll users of Red Hat Linux Advanced Server 2.1 who use PostgreSQL are\nadvised to install these updated packages.", "modified": "2018-03-14T19:27:29", "published": "2003-02-06T05:00:00", "id": "RHSA-2002:301", "href": "https://access.redhat.com/errata/RHSA-2002:301", "type": "redhat", "title": "(RHSA-2002:301) postgresql security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T11:51:17", "description": "Vulnerabilities were discovered in the Postgresql relational database\nby Mordred Labs. These vulnerabilities are buffer overflows in the\nrpad(), lpad(), repeat(), and cash_words() functions. The Postgresql\ndevelopers also fixed a buffer overflow in functions that deal with\ntime/date and timezone.\n\nFinally, more buffer overflows were discovered by Mordred Labs in the\n7.2.2 release that are currently only fixed in CVS. These buffer\noverflows exist in the circle_poly(), path_encode(), and path_addr()\nfunctions.\n\nIn order for these vulnerabilities to be exploited, an attacker must\nbe able to query the server somehow. However, this cannot directly\nlead to root privilege because the server runs as the postgresql user.\n\nPrior to upgrading, users should dump their database and retain it as\nbackup. 
You can dump the database by using :\n\n$ pg_dumpall > db.out\n\nIf you need to restore from the backup, you can do so by using :\n\n$ psql -f db.out template1\n\nUpdate :\n\nThe previous update missed a few small fixes, including a buffer\noverflow in the cash_words() function that allows local users to cause\na DoS and possibly execute arbitrary code via a malformed argument in\nPostgresql 7.2 and earlier. As well, buffer overflows in the TZ and\nSET TIME ZONE environment variables for Postgresql 7.2.1 and earlier\ncan allow local users to cause a DoS and possibly execute arbitrary\ncode.", "edition": 24, "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : postgresql (MDKSA-2002:062-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1398", "CVE-2002-1401", "CVE-2002-1402", "CVE-2002-0972", "CVE-2002-1397", "CVE-2002-1400"], "modified": "2004-07-31T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:7.2", "p-cpe:/a:mandriva:linux:postgresql-tcl", "p-cpe:/a:mandriva:linux:postgresql", "p-cpe:/a:mandriva:linux:libpgtcl2", "p-cpe:/a:mandriva:linux:postgresql-devel", "p-cpe:/a:mandriva:linux:libpgsql2", "p-cpe:/a:mandriva:linux:postgresql-docs", "cpe:/o:mandrakesoft:mandrake_linux:8.2", "p-cpe:/a:mandriva:linux:postgresql-test", "p-cpe:/a:mandriva:linux:postgresql-perl", "cpe:/o:mandrakesoft:mandrake_linux:8.0", "p-cpe:/a:mandriva:linux:postgresql-plperl", "p-cpe:/a:mandriva:linux:postgresql-odbc", "p-cpe:/a:mandriva:linux:postgresql-libs", "p-cpe:/a:mandriva:linux:postgresql-python", "p-cpe:/a:mandriva:linux:libpgsqlodbc0", "cpe:/o:mandrakesoft:mandrake_linux:9.0", "p-cpe:/a:mandriva:linux:libecpg3", "p-cpe:/a:mandriva:linux:postgresql-contrib", "cpe:/o:mandrakesoft:mandrake_linux:8.1", "p-cpe:/a:mandriva:linux:postgresql-jdbc", "p-cpe:/a:mandriva:linux:postgresql-tk", "p-cpe:/a:mandriva:linux:postgresql-server", "p-cpe:/a:mandriva:linux:libpgperl"], "id": "MANDRAKE_MDKSA-2002-062.NASL", "href": 
"https://www.tenable.com/plugins/nessus/13963", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2002:062. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(13963);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2002-0972\", \"CVE-2002-1397\", \"CVE-2002-1398\", \"CVE-2002-1400\", \"CVE-2002-1401\", \"CVE-2002-1402\");\n script_xref(name:\"MDKSA\", value:\"2002:062-1\");\n\n script_name(english:\"Mandrake Linux Security Advisory : postgresql (MDKSA-2002:062-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities were discovered in the Postgresql relational database\nby Mordred Labs. These vulnerabilities are buffer overflows in the\nrpad(), lpad(), repeat(), and cash_words() functions. The Postgresql\ndevelopers also fixed a buffer overflow in functions that deal with\ntime/date and timezone.\n\nFinally, more buffer overflows were discovered by Mordred Labs in the\n7.2.2 release that are currently only fixed in CVS. These buffer\noverflows exist in the circle_poly(), path_encode(), and path_addr()\nfunctions.\n\nIn order for these vulnerabilities to be exploited, an attacker must\nbe able to query the server somehow. However, this cannot directly\nlead to root privilege because the server runs as the postgresql user.\n\nPrior to upgrading, users should dump their database and retain it as\nbackup. 
You can dump the database by using :\n\n$ pg_dumpall > db.out\n\nIf you need to restore from the backup, you can do so by using :\n\n$ psql -f db.out template1\n\nUpdate :\n\nThe previous update missed a few small fixes, including a buffer\noverflow in the cash_words() function that allows local users to cause\na DoS and possibly execute arbitrary code via a malformed argument in\nPostgresql 7.2 and earlier. As well, buffer overflows in the TZ and\nSET TIME ZONE environment variables for Postgresql 7.2.1 and earlier\ncan allow local users to cause a DoS and possibly execute arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://archives.postgresql.org/pgsql-announce/2002-08/msg00004.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://online.securityfocus.com/archive/1/288036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://online.securityfocus.com/archive/1/288305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://online.securityfocus.com/archive/1/288334\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpgperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpgsql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpgsqlodbc0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpgtcl2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-contrib\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n 
script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-devel-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-jdbc-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-odbc-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-perl-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-python-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-server-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-tcl-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-test-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK7.2\", cpu:\"i386\", reference:\"postgresql-tk-7.0.2-6.2mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", 
reference:\"postgresql-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-devel-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-jdbc-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-odbc-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-perl-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-python-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-server-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-tcl-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-test-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.0\", cpu:\"i386\", reference:\"postgresql-tk-7.0.3-12.3mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-contrib-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-devel-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-docs-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-jdbc-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-libs-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-odbc-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", 
reference:\"postgresql-perl-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-plperl-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-python-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-server-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-tcl-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-test-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.1\", cpu:\"i386\", reference:\"postgresql-tk-7.1.2-19.3mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"libecpg3-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"libpgperl-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"libpgsql2-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"libpgsqlodbc0-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"libpgtcl2-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-contrib-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-devel-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-docs-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-jdbc-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-python-7.2-12.2mdk\", 
yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-server-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-tcl-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-test-7.2-12.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK8.2\", cpu:\"i386\", reference:\"postgresql-tk-7.2-12.2mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"libecpg3-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"libpgperl-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"libpgsql2-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"libpgsqlodbc0-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"libpgtcl2-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-contrib-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-devel-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-docs-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-jdbc-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-python-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-server-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-tcl-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif 
(rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-test-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"postgresql-tk-7.2.2-1.2mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:15", "description": "Updated PostgreSQL packages are available which correct several minor\nsecurity vulnerabilities.\n\n[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation\n2.1\n\nPostgreSQL is an advanced Object-Relational database management system\n(DBMS). Red Hat Linux Advanced Server 2.1 shipped with PostgreSQL\nversion 7.1.3 which has several security vulnerabilities.\n\nBuffer overflows in PostgreSQL 7.2 allow attackers to cause a denial\nof service and possibly execute arbitrary code via long arguments to\nthe lpad or rpad functions. CVE-2002-0972\n\nBuffer overflow in the cash_words() function for PostgreSQL 7.2 and\nearlier allows local users to cause a denial of service and possibly\nexecute arbitrary code via a malformed argument. CVE-2002-1397\n\nBuffer overflow in the date parser for PostgreSQL before 7.2.2 allows\nattackers to cause a denial of service and possibly execute arbitrary\ncode via a long date string, referred to as a vulnerability 'in\nhandling long datetime input.' CVE-2002-1398\n\nHeap-based buffer overflow in the repeat() function for PostgreSQL\nbefore 7.2.2 allows attackers to execute arbitrary code by causing\nrepeat() to generate a large string. CVE-2002-1400\n\nBuffer overflows in circle_poly, path_encode, and path_add allow\nattackers to cause a denial of service and possibly execute arbitrary\ncode. 
Note that these issues have been fixed in our packages and in\nPostgreSQL CVS, but are not included in PostgreSQL version 7.2.2 or\n7.2.3. CVE-2002-1401\n\nBuffer overflows in the TZ and SET TIME ZONE environment variables for\nPostgreSQL 7.2.1 and earlier allow local users to cause a denial of\nservice and possibly execute arbitrary code. CVE-2002-1402\n\nNote that these vulnerabilities are only critical on open or shared\nsystems because connecting to the database is required before the\nvulnerabilities can be exploited.\n\nThe PostgreSQL Global Development Team has released versions of\nPostgreSQL that fix these vulnerabilities, and these fixes have been\nisolated and backported into the updated 7.1.3 packages provided with\nthis errata. All users of Red Hat Linux Advanced Server 2.1 who use\nPostgreSQL are advised to install these updated packages.", "edition": 28, "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 : postgresql (RHSA-2002:301)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1398", "CVE-2002-1401", "CVE-2002-1402", "CVE-2002-0972", "CVE-2002-1397", "CVE-2002-1400"], "modified": "2004-07-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:postgresql-tk", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-odbc", "p-cpe:/a:redhat:enterprise_linux:postgresql-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-jdbc", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-python", "p-cpe:/a:redhat:enterprise_linux:postgresql-perl", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs"], "id": "REDHAT-RHSA-2002-301.NASL", "href": "https://www.tenable.com/plugins/nessus/12343", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network 
Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2002:301. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(12343);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2002-0972\", \"CVE-2002-1397\", \"CVE-2002-1398\", \"CVE-2002-1400\", \"CVE-2002-1401\", \"CVE-2002-1402\");\n script_xref(name:\"RHSA\", value:\"2002:301\");\n\n script_name(english:\"RHEL 2.1 : postgresql (RHSA-2002:301)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated PostgreSQL packages are available which correct several minor\nsecurity vulnerabilities.\n\n[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation\n2.1\n\nPostgreSQL is an advanced Object-Relational database management system\n(DBMS). Red Hat Linux Advanced Server 2.1 shipped with PostgreSQL\nversion 7.1.3 which has several security vulnerabilities.\n\nBuffer overflows in PostgreSQL 7.2 allow attackers to cause a denial\nof service and possibly execute arbitrary code via long arguments to\nthe lpad or rpad functions. CVE-2002-0972\n\nBuffer overflow in the cash_words() function for PostgreSQL 7.2 and\nearlier allows local users to cause a denial of service and possibly\nexecute arbitrary code via a malformed argument. CVE-2002-1397\n\nBuffer overflow in the date parser for PostgreSQL before 7.2.2 allows\nattackers to cause a denial of service and possibly execute arbitrary\ncode via a long date string, referred to as a vulnerability 'in\nhandling long datetime input.' 
CVE-2002-1398\n\nHeap-based buffer overflow in the repeat() function for PostgreSQL\nbefore 7.2.2 allows attackers to execute arbitrary code by causing\nrepeat() to generate a large string. CVE-2002-1400\n\nBuffer overflows in circle_poly, path_encode, and path_add allow\nattackers to cause a denial of service and possibly execute arbitrary\ncode. Note that these issues have been fixed in our packages and in\nPostgreSQL CVS, but are not included in PostgreSQL version 7.2.2 or\n7.2.3. CVE-2002-1401\n\nBuffer overflows in the TZ and SET TIME ZONE enivronment variables for\nPostgreSQL 7.2.1 and earlier allow local users to cause a denial of\nservice and possibly execute arbitrary code. CVE-2002-1402\n\nNote that these vulnerabilities are only critical on open or shared\nsystems because connecting to the database is required before the\nvulnerabilities can be exploited.\n\nThe PostgreSQL Global Development Team has released versions of\nPostgreSQL that fix these vulnerabilities, and these fixes have been\nisolated and backported into the updated 7.1.3 packages provided with\nthis errata. 
All users of Red Hat Linux Advanced Server 2.1 who use\nPostgreSQL are advised to install these updated packages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-0972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1397\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2002-1402\"\n );\n # http://lwn.net/Articles/8445/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lwn.net/Articles/8445/\"\n );\n # http://marc.theaimsgroup.com/?l=postgresql-announce&m=103062536330644\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=postgresql-announce&m=103062536330644\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=102978152712430\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=102978152712430\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=102987306029821\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=bugtraq&m=102987306029821\"\n );\n # http://marc.theaimsgroup.com/?l=postgresql-general&m=102995302604086\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://marc.info/?l=postgresql-general&m=102995302604086\"\n );\n # http://online.securityfocus.com/archive/1/288334\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://online.securityfocus.com/archive/1/288334\"\n );\n # http://online.securityfocus.com/archive/1/288305\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://online.securityfocus.com/archive/1/288305\"\n );\n # http://online.securityfocus.com/archive/1/288036\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://online.securityfocus.com/archive/1/288036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2002:301\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2002/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2002:301\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-contrib-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-devel-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-docs-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-jdbc-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-libs-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-odbc-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-perl-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-python-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-server-7.1.3-4bp.2\")) flag++;\n if 
(rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-tcl-7.1.3-4bp.2\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"postgresql-tk-7.1.3-4bp.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:45:07", "description": "Mordred Labs and others found several vulnerabilities in PostgreSQL,\nan object-relational SQL database. They are inherited from several\nbuffer overflows and integer overflows. Specially crafted long date\nand time input, currency, repeat data and long timezone names could\ncause the PostgreSQL server to crash as well as specially crafted\ninput data for lpad() and rpad(). More buffer/integer overflows were\nfound in circle_poly(), path_encode() and path_addr().\n\nExcept for the last three, these problems are fixed in the upstream\nrelease 7.2.2 of PostgreSQL which is the recommended version to use.\n\nMost of these problems do not exist in the version of PostgreSQL that\nDebian ships in the potato release since the corresponding\nfunctionality is not yet implemented. 
However, PostgreSQL 6.5.3 is\nquite old and may bear more risks than we are aware of, which may\ninclude further buffer overflows, and certainly include bugs that\nthreaten the integrity of your data.\n\nYou are strongly advised not to use this release but to upgrade your\nsystem to Debian 3.0 (stable) including PostgreSQL release 7.2.1\ninstead, where many bugs have been fixed and new features introduced\nto increase compatibility with the SQL standards.\n\nIf you consider an upgrade, please make sure to dump the entire\ndatabase system using the pg_dumpall utility. Please take into\nconsideration that the newer PostgreSQL is more strict in its input\nhandling. This means that tests like 'foo = NULL' which are not valid\nwon't be accepted anymore. It also means that when using UNICODE\nencoding, ISO 8859-1 and ISO 8859-15 are no longer valid encodings to\nuse when inserting data into the relation. In such a case you are\nadvised to convert the dump in question using recode latin1..utf-16.\n\nThese problems have been fixed in version 7.2.1-2woody2 for the\ncurrent stable distribution (woody) and in version 7.2.2-2 for the\nunstable distribution (sid). The old stable distribution (potato) is\npartially affected and we ship a fixed version 6.5.3-27.2 for it.", "edition": 26, "published": "2004-09-29T00:00:00", "title": "Debian DSA-165-1 : postgresql - buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2002-1398", "CVE-2002-1401", "CVE-2002-1402", "CVE-2002-0972", "CVE-2002-1397", "CVE-2002-1400"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:2.2", "cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:postgresql"], "id": "DEBIAN_DSA-165.NASL", "href": "https://www.tenable.com/plugins/nessus/15002", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-165. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15002);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2002-0972\", \"CVE-2002-1397\", \"CVE-2002-1398\", \"CVE-2002-1400\", \"CVE-2002-1401\", \"CVE-2002-1402\");\n script_xref(name:\"DSA\", value:\"165\");\n\n script_name(english:\"Debian DSA-165-1 : postgresql - buffer overflows\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mordred Labs and others found several vulnerabilities in PostgreSQL,\nan object-relational SQL database. They are inherited from several\nbuffer overflows and integer overflows. Specially crafted long date\nand time input, currency, repeat data and long timezone names could\ncause the PostgreSQL server to crash as well as specially crafted\ninput data for lpad() and rpad(). More buffer/integer overflows were\nfound in circle_poly(), path_encode() and path_addr().\n\nExcept for the last three, these problems are fixed in the upstream\nrelease 7.2.2 of PostgreSQL which is the recommended version to use.\n\nMost of these problems do not exist in the version of PostgreSQL that\nDebian ships in the potato release since the corresponding\nfunctionality is not yet implemented. 
However, PostgreSQL 6.5.3 is\nquite old and may bear more risks than we are aware of, which may\ninclude further buffer overflows, and certainly include bugs that\nthreaten the integrity of your data.\n\nYou are strongly advised not to use this release but to upgrade your\nsystem to Debian 3.0 (stable) including PostgreSQL release 7.2.1\ninstead, where many bugs have been fixed and new features introduced\nto increase compatibility with the SQL standards.\n\nIf you consider an upgrade, please make sure to dump the entire\ndatabase system using the pg_dumpall utility. Please take into\nconsideration that the newer PostgreSQL is more strict in its input\nhandling. This means that tests like 'foo = NULL' which are not valid\nwon't be accepted anymore. It also means that when using UNICODE\nencoding, ISO 8859-1 and ISO 8859-15 are no longer valid encodings to\nuse when inserting data into the relation. In such a case you are\nadvised to convert the dump in question usingrecode latin1..utf-16.\n\nThese problems have been fixed in version 7.2.1-2woody2 for the\ncurrent stable distribution (woody) and in version 7.2.2-2 for the\nunstable distribution (sid). 
The old stable distribution (potato) is\npartially affected and we ship a fixed version 6.5.3-27.2 for it.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2002/dsa-165\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the PostgreSQL packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:2.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2002/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/08/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"2.2\", prefix:\"ecpg\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"libpgperl\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"libpgsql2\", reference:\"6.5.3-27.2\")) flag++;\nif 
(deb_check(release:\"2.2\", prefix:\"libpgtcl\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"odbc-postgresql\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"pgaccess\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-client\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-contrib\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-dev\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-doc\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-pl\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"postgresql-test\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"2.2\", prefix:\"python-pygresql\", reference:\"6.5.3-27.2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"courier-authpostgresql\", reference:\"0.37.3-3.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libecpg3\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libpgperl\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libpgsql2\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libpgtcl\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"odbc-postgresql\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"pgaccess\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"postgresql\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"postgresql-client\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"postgresql-contrib\", reference:\"7.2.1-2woody2\")) flag++;\nif 
(deb_check(release:\"3.0\", prefix:\"postgresql-dev\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"postgresql-doc\", reference:\"7.2.1-2woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"python-pygresql\", reference:\"7.2.1-2woody2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}