openSUSE Security Update : postgresql (openSUSE-SU-2011:0254-1)

A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql CVE-2010-4015:CVSS v2 Base Score: 4.9. Additionally a possible log forging problem was fixed too. CVE-2010-4014 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Mandriva Update for postgresql MDVSA-2011:021 (postgresql)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

PostgreSQL buffer overflow

Buffer overflow in intarray on large numbers parsing...

Ubuntu: Security Advisory (USN-1058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2157-1 : postgresql-8.3, postgresql-8.4, postgresql-9.0 - buffer overflow

It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability (USN-1058-1)

Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the queryint type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user. Note that Tenable Network Security has extracted the preceding...

USN-1058-1: PostgreSQL vulnerability

Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the queryint type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user...

PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

[SECURITY] [DSA-2157-1] PostgreSQL security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2157-1 [email protected] http://www.debian.org/security/ Florian Weimer February 03, 2011 http://www.debian.org/security/faq -...

Buffer overflow

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue affects the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

CVE-2010-4015

CVE-2010-4015 is a vulnerability in PostgreSQL’s intarray module: a buffer overflow in gettoken() (contrib/intarray/_int_bool.c) could be triggered by integers with a large number of digits. Affected products/versions include PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14,...

Vulnerability in contrib module (CVE-2010-4015)

An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters...

CVE-2010-4015

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...