[SA15217] PostgreSQL Character Conversion and tsearch2 Module Vulnerabilities

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: PostgreSQL Character Conversion and tsearch2 Module...

CVE-2005-1409

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...

CVE-2005-1409

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...

CVE-2005-1410

The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the 1 dexinit, 2 snbeninit, 3 snbruinit, 4 spellinit, and 5 syninit functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service application crash and possibly have other...

CVE-2005-1409

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."...

CVE-2005-1410

The connected documents confirm CVE-2005-1410 affects the PostgreSQL tsearch2 module (versions 7.4–8.0.x). The root cause is misdeclaring several tsearch2 functions as internal when they do not take an internal argument, enabling SQL calls to other internal-argument functions and potentially caus...

CVE-2005-1409

The CVE-2005-1409 issue concerns PostgreSQL 7.3.x–8.0.x where public EXECUTE access was granted to specific character conversion functions, allowing unprivileged users to invoke those functions with crafted values. The initial description notes the impact as unknown. Connected advisories (RHSA-20...

CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

CVE-2005-0244

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command...

CVE-2005-0246

The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service crash via crafted arrays...

CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

CVE-2005-0247

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

CVE-2005-0247

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

postgresql -- character conversion and tsearch2 vulnerabilities

The postgresql development team reports: The more severe of the two errors is that the functions that support client-to-server character set conversion can be called from SQL commands by unprivileged users, but these functions are not designed to be safe against malicious choices of argument...

CVE-2002-1657

PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack...

CVE-2002-1657

CVE-2002-1657 affects PostgreSQL where the username is used as the salt when password hashing. This design choice can lower password strength and enable remote attackers to perform brute-force password guessing more easily, potentially compromising authentication. Available connected sources conf...

PostgreSQL weak cryptography

Username is used as a salt for MD5-hashed passwords. In addition, during authentication hash may be used directly without knowledge of cleartext password...

SUSE-SA:2005:027: postgresql

The remote host is missing the patch for the advisory SUSE-SA:2005:027 postgresql. Several problems were identified and fixed in the PostgreSQL database server. Multiple buffer overflows in the low level parsing routines may allow attackers to execute arbitrary code via: 1 a large number of...

PostgreSQL database array overflow

Array overflow on large number of variables in plpgsql...

PostgreSQL <= 8.01 Remote Reboot Denial of Service Exploit

Exploit for multiple platform in category dos / poc ========================================================== PostgreSQL include include include include include define DEFAULTPORT "5321" define DEFAULTDB "postgresql" define FUNCNAME "uKttest" define TABLENAME "unl0cktable" char str4000; char...