Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19669
HistoryMay 21, 2010 - 12:00 a.m.

PostgreSQL RESET ALL操作不安全权限检查漏洞

2010-05-2100:00:00
Root
www.seebug.org
61

0.003 Low

EPSS

Percentile

68.3%

JSON

BUGTRAQ ID: 40304
CVE ID: CVE-2010-1975

PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。

PostgreSQL在执行某些RESET ALL操作期间没有正确地执行权限检查,通过认证的远程用户可以通过ALTER USER或ALTER DATABASE语句删除任意参数设置。

PostgreSQL 8.4
PostgreSQL 8.3
PostgreSQL 8.2
PostgreSQL 8.1
PostgreSQL 8.0
PostgreSQL 7.4
厂商补丁:

PostgreSQL

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.postgresql.org/support/security

Related

veracode 1
postgresql 1
prion 1
openvas 12
cve 1
ubuntucve 1
redhat 3
centos 3
debian 3
ubuntu 1
nessus 19
oraclelinux 3
osv 1
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:48:53
postgresql
postgresql
Vulnerability in core server (CVE-2010-1975)
2010-05-19 18:30:00
prion
prion
Code injection
2010-05-19 18:30:00
openvas
openvas
PostgreSQL 'RESET ALL' Unauthorized Access Vulnerability
2010-05-21 00:00:00
Oracle: Security Advisory (ELSA-2010-0430)
2015-10-06 00:00:00
Ubuntu: Security Advisory (USN-942-1)
2010-05-28 00:00:00
cve
cve
CVE-2010-1975
2010-05-19 18:30:00
ubuntucve
ubuntucve
CVE-2010-1975
2010-05-18 00:00:00
redhat
redhat
(RHSA-2010:0430) Moderate: postgresql84 security update
2010-05-19 00:00:00
(RHSA-2010:0428) Moderate: postgresql security update
2010-05-19 00:00:00
(RHSA-2010:0429) Moderate: postgresql security update
2010-05-19 00:00:00
centos
centos
postgresql84 security update
2010-05-28 10:47:00
postgresql security update
2010-05-21 22:22:02
postgresql security update
2010-05-28 10:45:13
debian
debian
[Backports-security-announce] Security Update for postgresql-8.4
2010-05-25 11:24:49
[Backports-security-announce] Security Update for postgresql-8.4
2010-05-25 11:30:45
[SECURITY] [DSA 2051-1] New postgresql-8.3 packages fix several vulnerabilities
2010-05-24 16:00:34
ubuntu
ubuntu
PostgreSQL vulnerabilities
2010-05-21 00:00:00
nessus
nessus
PostgreSQL 7.4 < 7.4.29 / 8.0 < 8.0.25 / 8.1 < 8.1.21 / 8.2 < 8.2.17 / 8.3 < 8.3.11 / 8.4 < 8.4.4 Multiple Vulnerabilities
2012-12-28 00:00:00
RHEL 5 : postgresql84 (RHSA-2010:0430)
2010-05-20 00:00:00
Oracle Linux 5 : postgresql84 (ELSA-2010-0430)
2013-07-12 00:00:00
oraclelinux
oraclelinux
postgresql84 security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
osv
osv
postgresql-8.3 - several
2010-05-24 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00

0.003 Low

EPSS

Percentile

68.3%

JSON
Related for SSV:19669
veracode1postgresql1prion1openvas12cve1ubuntucve1redhat3centos3debian3ubuntu1nessus19oraclelinux3osv1gentoo1