Lucene search
+L

85 matches found

securityvulns
securityvulns
added 2006/02/16 12:0 a.m.59 views

PostgreSQL privilege escalation

With SET ROLE or SET SESSION AUTHORIZATION it's possible to elevate privileges to any database acccount, including superuser or cause database engine crash...

3.1AI score
Exploits0References1Affected Software1
Prion
Prion
added 2006/02/14 7:6 p.m.20 views

Security feature bypass

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678...

6.5CVSS6.5AI score0.02945EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2006/02/14 7:0 p.m.39 views

CVE-2006-0553

PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678...

6.2AI score0.02945EPSS
Exploits0References10
PostrgeSql
PostrgeSql
added 2006/02/14 7:0 p.m.64 views

Vulnerability in core server (CVE-2006-0553)

A bug in the handling of SET ROLE allows escalation of privileges to any other database user, including superuser. A valid login is required to exploit this vulnerability...

6.5CVSS6.2AI score0.02945EPSS
Exploits0Affected Software1
FreeBSD
FreeBSD
added 2006/02/14 12:0 a.m.27 views

postgresql81-server -- SET ROLE privilege escalation

The PostgreSQL team reports: Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example...

6.5CVSS6.3AI score0.02945EPSS
Exploits0References1
Rows per page
Query Builder