postgresql: substring() negative length argument buffer overflow

The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...

PT-2010-2206 · Postgresql +1 · Postgresql +1

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions 8.0.23 through 8.3.8 Description: The issue allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving a negative integer in the third argument of the bitsubstr...