Lucene search
UbuntuUSN-1717-1HistoryFeb 12, 2013 - 12:00 a.m.
PostgreSQL vulnerability
2013-02-1200:00:00
ubuntu.com
27
9.4 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.016 Low
EPSS
Percentile
87.4%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- postgresql-8.3 - Object-relational SQL database
- postgresql-8.4 - Object-relational SQL database
- postgresql-9.1 - Object-relational SQL database
Details
Sumit Soni discovered that PostgreSQL incorrectly handled calling a certain
internal function with invalid arguments. An authenticated attacker could
use this issue to cause PostgreSQL to crash, resulting in a denial of
service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | postgresql-8.3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libecpg-compat3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libecpg-dev | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libecpg6 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpgtypes3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpq-dev | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpq5 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | postgresql-client-8.3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | postgresql-contrib-8.3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
| Ubuntu | 8.04 | noarch | postgresql-plperl-8.3 | < 8.3.23-0ubuntu8.04 | UNKNOWN |
References
Related
nessus
nessus
Debian DSA-2630-1 : postgresql-8.4 - programming error
2013-02-21 00:00:00
PostgreSQL 8.3 < 8.3.23 / 8.4 < 8.4.16 / 9.0 < 9.0.12 / 9.1 < 9.1.8 / 9.2 < 9.2.3 Denial of Service
2013-02-18 00:00:00
Mandriva Linux Security Advisory : postgresql (MDVSA-2013:012)
2013-02-17 00:00:00
openvas
openvas
Fedora Update for postgresql FEDORA-2013-2123
2013-02-15 00:00:00
Ubuntu Update for postgresql-9.1 USN-1717-1
2013-02-15 00:00:00
Ubuntu Update for postgresql-9.1 USN-1717-1
2013-02-15 00:00:00
threatpost
threatpost
PostgreSQL Patches DOS Vulnerability, Other Security Issues
2013-02-07 19:40:11
fedora
fedora
[SECURITY] Fedora 18 Update: postgresql-9.2.3-1.fc18
2013-02-11 04:53:51
[SECURITY] Fedora 18 Update: postgresql-9.2.4-1.fc18
2013-04-05 22:59:41
[SECURITY] Fedora 17 Update: postgresql-9.1.8-1.fc17
2013-02-17 03:30:04
debian
debian
[SECURITY] [DSA 2630-1] postgresql-8.4 security update
2013-02-20 21:03:23
cve
cve
CVE-2013-0255
2013-02-13 01:55:00
postgresql
postgresql
Vulnerability in core server (CVE-2013-0255)
2013-02-13 01:55:00
prion
prion
Out-of-bounds
2013-02-13 01:55:00
ubuntucve
ubuntucve
CVE-2013-0255
2013-02-07 00:00:00
veracode
veracode
Denial Of Service
2019-01-15 09:01:23
securityvulns
securityvulns
PostgreSQL information leakage
2013-02-18 00:00:00
oraclelinux
oraclelinux
postgresql and postgresql84 security update
2013-10-29 00:00:00
amazon
amazon
Medium: postgresql8
2013-11-03 12:09:00
centos
centos
postgresql, postgresql84 security update
2013-10-29 20:28:29
redhat
redhat
(RHSA-2013:1475) Moderate: postgresql and postgresql84 security update
2013-10-29 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2014-08-29 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00
9.4 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.016 Low
EPSS
Percentile
87.4%
Related for USN-1717-1