12 matches found
SUSE CVE-2010-0442
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37973/info PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with...
Mandriva Update for postgresql MDVSA-2010:103 (postgresql)
Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDVSA-2010:103 postgresql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
postgresql: substring() negative length argument buffer overflow
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...
postgresql: substring() negative length argument buffer overflow
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...
Buffer overflow
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...
CVE-2010-0442
CVE-2010-0442 affects PostgreSQL bit-string handling: the bitsubstr function in backend/utils/adt/varbit.c on PostgreSQL versions 8.0.23, 8.1.11, and 8.3.8 can be triggered by a negative integer in the third argument of a bit-string substring call, leading to a denial of service (daemon crash) an...
PT-2010-2206 · Postgresql +1 · Postgresql +1
Name of the Vulnerable Software and Affected Versions: PostgreSQL versions 8.0.23 through 8.3.8 Description: The issue allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving a negative integer in the third argument of the bitsubstr...
PostgreSQL bitsubstr函数远程溢出漏洞
BUGTRAQ ID: 37973 CVECAN ID: CVE-2010-0442 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 远程攻击者可以利用PostgreSQL的bitsubstr函数处理超长字符串时的缓冲区溢出导致拒绝服务或执行任意代码。 PostgreSQL 8.0.23 厂商补丁: PostgreSQL ---------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.postgresql.org testdb= select...
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...
PostgreSQL - 'bitsubstr' Buffer Overflow
source: https://www.securityfocus.com/bid/37973/info PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the...
postgresql -- bitsubstr overflow
BugTraq reports: PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application...