Lucene search
UbuntuUSN-1058-1HistoryFeb 03, 2011 - 12:00 a.m.
PostgreSQL vulnerability
2011-02-0300:00:00
ubuntu.com
27
7.6 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- postgresql-8.1 -
- postgresql-8.3 -
- postgresql-8.4 -
Details
Geoff Keating reported that a buffer overflow exists in the intarray
module’s input function for the query_int type. This could allow an
attacker to cause a denial of service or possibly execute arbitrary
code as the postgres user.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | postgresql-contrib-8.4 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg-compat3 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg-dev | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg6 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpgtypes3 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpq-dev | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpq5 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-8.4 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-client-8.4 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-plperl-8.4 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
References
Related
nessus
nessus
Solaris 10 (sparc) : 138822-12 (deprecated)
2009-06-28 00:00:00
Scientific Linux Security Update : postgresql on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
securityvulns
securityvulns
PostgreSQL buffer overflow
2011-02-04 00:00:00
[SECURITY] [DSA-2157-1] PostgreSQL security update
2011-02-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package postgresql12 version 9.0.3-alt1
2011-02-02 00:00:00
Security fix for the ALT Linux 8 package postgresql12 version 9.0.3-alt1
2011-02-02 00:00:00
Security fix for the ALT Linux 8 package postgresql9.6 version 9.0.3-alt1
2011-02-02 00:00:00
openvas
openvas
RedHat Update for postgresql84 RHSA-2011:0198-01
2011-02-04 00:00:00
Ubuntu: Security Advisory (USN-1058-1)
2011-02-04 00:00:00
PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability
2011-02-02 00:00:00
centos
centos
postgresql84 security update
2011-04-14 23:48:20
postgresql security update
2011-02-04 10:52:58
fedora
fedora
[SECURITY] Fedora 14 Update: postgresql-8.4.7-1.fc14
2011-02-07 19:59:27
[SECURITY] Fedora 13 Update: postgresql-8.4.7-1.fc13
2011-02-09 20:21:57
postgresql
postgresql
Vulnerability in contrib module (CVE-2010-4015)
2011-02-02 01:00:00
redhat
redhat
(RHSA-2011:0198) Moderate: postgresql84 security update
2011-02-03 00:00:00
(RHSA-2011:0197) Moderate: postgresql security update
2011-02-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-4015
2011-02-01 00:00:00
debian
debian
[SECURITY] [DSA-2157-1] PostgreSQL security update
2011-02-03 20:11:01
cve
cve
CVE-2010-4015
2011-02-02 01:00:00
oraclelinux
oraclelinux
postgresql84 security update
2011-02-03 00:00:00
postgresql security update
2011-02-03 00:00:00
prion
prion
Buffer overflow
2011-02-02 01:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:58:44
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00
7.6 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
Related for USN-1058-1