Lucene search
UbuntuUSN-933-1HistoryApr 28, 2010 - 12:00 a.m.
PostgreSQL vulnerability
2010-04-2800:00:00
ubuntu.com
30
6.1 Medium
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.96 High
EPSS
Percentile
99.5%
Releases
- Ubuntu 9.10
- Ubuntu 9.04
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- postgresql-8.1 -
- postgresql-8.3 -
- postgresql-8.4 -
Details
It was discovered that PostgreSQL did not properly sanitize its input when
using substring() with a SELECT statement. A remote authenticated attacker
could exploit this to cause a denial of service via application crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | postgresql-8.4 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg-compat3 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg-dev | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libecpg6 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpgtypes3 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpq-dev | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpq5 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-client-8.4 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-contrib-8.4 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
| Ubuntu | 9.10 | noarch | postgresql-plperl-8.4 | <Β 8.4.3-0ubuntu9.10.1 | UNKNOWN |
References
Related
prion
prion
Buffer overflow
2010-02-02 18:30:00
checkpoint_advisories
checkpoint_advisories
PostgreSQL Bit Substring Buffer Overflow (CVE-2010-0442)
2010-09-28 00:00:00
securityvulns
securityvulns
PostgreSQL DoS
2010-04-29 00:00:00
[USN-933-1] PostgreSQL vulnerability
2010-04-29 00:00:00
openvas
openvas
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
2010-01-28 00:00:00
Ubuntu: Security Advisory (USN-933-1)
2010-04-30 00:00:00
Ubuntu Update for PostgreSQL vulnerability USN-933-1
2010-04-30 00:00:00
freebsd
freebsd
postgresql -- bitsubstr overflow
2010-01-27 00:00:00
seebug
seebug
PostgreSQL bitsubstrε½ζ°θΏη¨ζΊ’εΊζΌζ΄
2010-01-29 00:00:00
ubuntucve
ubuntucve
CVE-2010-0442
2010-02-02 00:00:00
cve
cve
CVE-2010-0442
2010-02-02 18:30:00
nessus
nessus
FreeBSD : postgresql -- bitsubstr overflow (e050119b-3856-11df-b2b2-002170daae37)
2010-03-26 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability (USN-933-1)
2010-04-29 00:00:00
Mandriva Linux Security Advisory : postgresql (MDVSA-2010:103)
2010-05-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:48:51
debian
debian
redhat
redhat
(RHSA-2010:0427) Moderate: postgresql security update
2010-05-19 00:00:00
(RHSA-2010:0429) Moderate: postgresql security update
2010-05-19 00:00:00
(RHSA-2010:0428) Moderate: postgresql security update
2010-05-19 00:00:00
centos
centos
rh security update
2010-05-21 22:01:26
postgresql security update
2010-05-28 10:45:13
postgresql security update
2010-05-21 22:22:02
oraclelinux
oraclelinux
postgresql security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
postgresql security update
2010-05-19 00:00:00
osv
osv
postgresql-8.3 - several
2010-05-24 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00
6.1 Medium
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.96 High
EPSS
Percentile
99.5%
Related for USN-933-1