64 matches found
EUVD-2010-1200
Malware in sbrugna...
SUSE CVE-2010-1170
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...
Remote Code Execution (RCE)
PostgreSQL is vulnerable to remote code execution (RCE). Due to a flaw found in the way PostgreSQL enforced permission checks on scripts written in PL/Tcl, if the PL/Tcl procedural language was registered on a particular database, an authenticated database user running a specially-crafted PL/Tcl...
Oracle Linux 5 : postgresql (ELSA-2010-0429)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0429 advisory. 8.1.21-1.el55.1 - Update to PostgreSQL 8.1.21 to fix CVE-2010-1169, CVE-2010-1170, CVE-2009-4136, CVE-2010-0733, CVE-2010-0442, and assorted other bugs...
Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64
A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially crafted PL/Perl script could use this flaw to bypass intended PL/Perl...
Scientific Linux Security Update : postgresql and postgresql84 on SL4.x, SL5.x i386/x86_64
It was discovered that a user could utilize the features of the PL/Perl and PL/Tcl languages to modify the behavior of a SECURITY DEFINER function created by a different user. If the PL/Perl or PL/Tcl language was used to implement a SECURITY DEFINER function, an authenticated database user could...
Scientific Linux Security Update : postgresql on SL6.x i386/x86_64
It was discovered that a user could utilize the features of the PL/Perl and PL/Tcl languages to modify the behavior of a SECURITY DEFINER function created by a different user. If the PL/Perl or PL/Tcl language was used to implement a SECURITY DEFINER function, an authenticated database user...
Scientific Linux Security Update : postgresql on SL3.x, SL4.x, SL5.x i386/x86_64
PostgreSQL is an advanced object-relational database management system (DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the Perl and Tcl languages, and are installed in trusted mode by default. In trusted mode, certain operations, such as operating system level access, are...
CentOS Update for postgresql84 CESA-2010:0430 centos5 i386
Check for the Version of postgresql84 OpenVAS Vulnerability Test CentOS Update for postgresql84 CESA-2010:0430 centos5 i386 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Ubuntu Update for postgresql-8.4 vulnerability USN-1002-2
Ubuntu Update for Linux kernel vulnerabilities USN-1002-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN10022.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for postgresql-8.4 vulnerability USN-1002-2 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
Ubuntu Update for PostgreSQL vulnerability USN-1002-1
Ubuntu Update for Linux kernel vulnerabilities USN-1002-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10021.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerability USN-1002-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
SuSE 10 Security Update : postgresql (ZYPP Patch Number 7053)
This update of postgresql fixes several minor security vulnerabilities : - Postgresql does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings. CVE-2010-1975 - The PL/Tcl implementation in postgresql loa...
BSA-005 Security Update for postgresql-8.4
Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problem: CVE-2010-3433 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before...
Ubuntu 10.10 : postgresql-8.4 vulnerability (USN-1002-2)
USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker cou...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability (USN-1002-1)
It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege...
USN-1002-2: PostgreSQL vulnerability
USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. Original advisory details: It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote...
USN-1002-1: PostgreSQL vulnerability
It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege...
CentOS 4 / 5 : postgresql / postgresql84 (CESA-2010:0742)
Updated postgresql and postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detail...
RHEL 4 / 5 : postgresql and postgresql84 (RHSA-2010:0742)
Updated postgresql and postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detail...