Lucene search

[email protected]NVD:CVE-2007-6601

HistoryJan 09, 2008 - 9:46 p.m.

CVE-2007-6601

2008-01-0921:46:00

CWE-287

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.7%

JSON

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.

Affected configurations

NVD

Node

postgresqlpostgresqlRange7.3.0–7.3.21

postgresqlpostgresqlRange7.4.0–7.4.19

postgresqlpostgresqlRange8.0.0–8.0.15

postgresqlpostgresqlRange8.1.0–8.1.11

postgresqlpostgresqlRange8.2.0–8.2.6

postgresqlpostgresqlMatch8.2

Node

debiandebian_linuxMatch3.1

debiandebian_linuxMatch4.0

Node

fedoraprojectfedoraMatch7

fedoraprojectfedoraMatch8

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154

lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html

secunia.com/advisories/28359

secunia.com/advisories/28376

secunia.com/advisories/28437

secunia.com/advisories/28438

secunia.com/advisories/28445

secunia.com/advisories/28454

secunia.com/advisories/28455

secunia.com/advisories/28464

secunia.com/advisories/28477

secunia.com/advisories/28479

secunia.com/advisories/28679

secunia.com/advisories/28698

secunia.com/advisories/29638

security.gentoo.org/glsa/glsa-200801-15.xml

securitytracker.com/id?1019157

sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1

www.debian.org/security/2008/dsa-1460

www.debian.org/security/2008/dsa-1463

www.mandriva.com/security/advisories?name=MDVSA-2008:004

www.postgresql.org/about/news.905

www.redhat.com/support/errata/RHSA-2008-0038.html

www.redhat.com/support/errata/RHSA-2008-0039.html

www.redhat.com/support/errata/RHSA-2008-0040.html

www.securityfocus.com/archive/1/485864/100/0/threaded

www.securityfocus.com/archive/1/486407/100/0/threaded

www.securityfocus.com/bid/27163

www.vupen.com/english/advisories/2008/0061

www.vupen.com/english/advisories/2008/0109

www.vupen.com/english/advisories/2008/1071/references

exchange.xforce.ibmcloud.com/vulnerabilities/39500

issues.rpath.com/browse/RPL-1768

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127

usn.ubuntu.com/568-1/

www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html

www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for NVD:CVE-2007-6601

cvelist2 cve2 ubuntucve2 prion2 redhat3 nessus20 openvas38 centos2 nvd1 veracode2 postgresql1 oraclelinux2 gentoo1 debian2 osv2 ubuntu1 securityvulns4 fedora2 freebsd1 suse1