Lucene search

[email protected]NVD:CVE-2010-0733

HistoryMar 19, 2010 - 7:30 p.m.

CVE-2010-0733

2010-03-1919:30:00

CWE-189

[email protected]

web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.04 Low

EPSS

Percentile

92.1%

JSON

Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.

Affected configurations

NVD

Node

postgresqlpostgresqlRange≤8.4.1

postgresqlpostgresqlMatch8.0

postgresqlpostgresqlMatch8.0.0

postgresqlpostgresqlMatch8.0.1

postgresqlpostgresqlMatch8.0.2

postgresqlpostgresqlMatch8.0.3

postgresqlpostgresqlMatch8.0.4

postgresqlpostgresqlMatch8.0.5

postgresqlpostgresqlMatch8.0.6

postgresqlpostgresqlMatch8.0.7

postgresqlpostgresqlMatch8.0.8

postgresqlpostgresqlMatch8.0.9

postgresqlpostgresqlMatch8.0.10

postgresqlpostgresqlMatch8.0.11

postgresqlpostgresqlMatch8.0.12

postgresqlpostgresqlMatch8.0.13

postgresqlpostgresqlMatch8.0.14

postgresqlpostgresqlMatch8.0.15

postgresqlpostgresqlMatch8.0.16

postgresqlpostgresqlMatch8.0.17

postgresqlpostgresqlMatch8.0.18

postgresqlpostgresqlMatch8.0.19

postgresqlpostgresqlMatch8.0.20

postgresqlpostgresqlMatch8.0.21

postgresqlpostgresqlMatch8.0.22

postgresqlpostgresqlMatch8.0.23

postgresqlpostgresqlMatch8.0.24

postgresqlpostgresqlMatch8.0.317

postgresqlpostgresqlMatch8.1

postgresqlpostgresqlMatch8.1.0

postgresqlpostgresqlMatch8.1.1

postgresqlpostgresqlMatch8.1.2

postgresqlpostgresqlMatch8.1.3

postgresqlpostgresqlMatch8.1.4

postgresqlpostgresqlMatch8.1.5

postgresqlpostgresqlMatch8.1.6

postgresqlpostgresqlMatch8.1.7

postgresqlpostgresqlMatch8.1.8

postgresqlpostgresqlMatch8.1.9

postgresqlpostgresqlMatch8.1.10

postgresqlpostgresqlMatch8.1.11

postgresqlpostgresqlMatch8.1.12

postgresqlpostgresqlMatch8.1.13

postgresqlpostgresqlMatch8.1.14

postgresqlpostgresqlMatch8.1.15

postgresqlpostgresqlMatch8.1.16

postgresqlpostgresqlMatch8.1.17

postgresqlpostgresqlMatch8.1.18

postgresqlpostgresqlMatch8.1.19

postgresqlpostgresqlMatch8.1.20

postgresqlpostgresqlMatch8.2

postgresqlpostgresqlMatch8.2.1

postgresqlpostgresqlMatch8.2.2

postgresqlpostgresqlMatch8.2.3

postgresqlpostgresqlMatch8.2.4

postgresqlpostgresqlMatch8.2.5

postgresqlpostgresqlMatch8.2.6

postgresqlpostgresqlMatch8.2.7

postgresqlpostgresqlMatch8.2.8

postgresqlpostgresqlMatch8.2.9

postgresqlpostgresqlMatch8.2.10

postgresqlpostgresqlMatch8.2.11

postgresqlpostgresqlMatch8.2.12

postgresqlpostgresqlMatch8.2.13

postgresqlpostgresqlMatch8.2.14

postgresqlpostgresqlMatch8.2.15

postgresqlpostgresqlMatch8.2.16

postgresqlpostgresqlMatch8.3

postgresqlpostgresqlMatch8.3.1

postgresqlpostgresqlMatch8.3.2

postgresqlpostgresqlMatch8.3.3

postgresqlpostgresqlMatch8.3.4

postgresqlpostgresqlMatch8.3.5

postgresqlpostgresqlMatch8.3.6

postgresqlpostgresqlMatch8.3.7

postgresqlpostgresqlMatch8.3.8

postgresqlpostgresqlMatch8.3.9

postgresqlpostgresqlMatch8.3.10

postgresqlpostgresqlMatch8.4

postgresqlpostgresqlMatch8.5

postgresqlpostgresqlMatch8.5alpha1

postgresqlpostgresqlMatch8.5alpha2

References

archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php

archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php

archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php

archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php

git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=64b057e6823655fb6c5d1f24a28f236b94dd6c54

lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

secunia.com/advisories/39820

www.openwall.com/lists/oss-security/2010/03/09/2

www.openwall.com/lists/oss-security/2010/03/16/10

www.redhat.com/support/errata/RHSA-2010-0427.html

www.redhat.com/support/errata/RHSA-2010-0428.html

www.redhat.com/support/errata/RHSA-2010-0429.html

www.securityfocus.com/bid/38619

www.vupen.com/english/advisories/2010/1197

bugzilla.redhat.com/show_bug.cgi?id=546621

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10691

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.04 Low

EPSS

Percentile

92.1%

JSON

Related for NVD:CVE-2010-0733

openvas16 seebug1 cve1 cvelist1 veracode1 ubuntucve1 packetstorm1 prion1 nessus18 oraclelinux3 redhat3 centos3 gentoo1