Lucene search
K

51 matches found

Prion
Prion
added 2009/09/29 9:30 p.m.26 views

Authorization

IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors...

10CVSS7.2AI score0.02006EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2009/09/29 9:30 p.m.32 views

CVE-2009-3473

IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors...

10CVSS6.5AI score0.02006EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2008/02/01 2:55 p.m.15 views

PostgreSQL privilege escalation

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for 1 VACUUM and 2 ANALYZE operations within index functions, and supports 3 SET ROLE and 4 SET SESSION AUTHORIZATION within inde...

6.5CVSS7.4AI score0.03098EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/01/15 12:0 a.m.33 views

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : postgresql vulnerabilities (USN-568-1)

Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. CVE-2007-3278, CVE-2007-6601 It was discovered that the TCL regular expression parser used by...

7.2CVSS8.2AI score0.03855EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2008/01/11 12:44 p.m.6 views

PostgreSQL privilege escalation

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for 1 VACUUM and 2 ANALYZE operations within index functions, and supports 3 SET ROLE and 4 SET SESSION AUTHORIZATION within inde...

6.5CVSS7.4AI score0.03098EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/11 12:37 p.m.7 views

PostgreSQL privilege escalation

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for 1 VACUUM and 2 ANALYZE operations within index functions, and supports 3 SET ROLE and 4 SET SESSION AUTHORIZATION within inde...

6.5CVSS7.4AI score0.03098EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/01/09 9:46 p.m.31 views

CVE-2007-6600

PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for 1 VACUUM and 2 ANALYZE operations within index functions, and supports 3 SET ROLE and 4 SET SESSION AUTHORIZATION within inde...

6.5CVSS7.2AI score0.03098EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/03/13 12:0 a.m.24 views

Ubuntu 4.10 / 5.04 / 5.10 : postgresql-7.4, postgresql-8.0, postgresql vulnerability (USN-258-1)

Akio Ishida discovered that the SET SESSION AUTHORIZATION command did not properly verify the validity of its argument. An authenticated PostgreSQL user could exploit this to crash the server. However, this does not affect the official binary Ubuntu packages. The crash can only be triggered if th...

1.5CVSS5.5AI score0.00333EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2006/02/27 6:45 p.m.39 views

USN-258-1: PostgreSQL vulnerability

Akio Ishida discovered that the SET SESSION AUTHORIZATION command did not properly verify the validity of its argument. An authenticated PostgreSQL user could exploit this to crash the server. However, this does not affect the official binary Ubuntu packages. The crash can only be triggered if th...

1.5CVSS5.3AI score0.00333EPSS
Exploits0
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.59 views

PostgreSQL privilege escalation

With SET ROLE or SET SESSION AUTHORIZATION it's possible to elevate privileges to any database acccount, including superuser or cause database engine crash...

3.1AI score
Exploits0References1Affected Software1
PostrgeSql
PostrgeSql
added 2006/02/14 7:0 p.m.63 views

Vulnerability in core server (CVE-2006-0678)

A bug in the handling of SET SESSION AUTHORIZATION can cause a backend crash in Assert enabled builds. This will cause the postmaster to restart all backend, resulting in a denial of service. A valid login is required to exploit this vulnerability...

1.5CVSS5.9AI score0.00333EPSS
Exploits0Affected Software1
Rows per page
Query Builder