Lucene search
Ubuntu.comUB:CVE-2007-2138HistoryApr 24, 2007 - 12:00 a.m.
CVE-2007-2138
2007-04-2400:00:00
ubuntu.com
ubuntu.com
11
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.6%
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x
before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before
8.2.4 allows remote authenticated users, when permitted to call a SECURITY
DEFINER function, to gain the privileges of the function owner, related to
“search_path settings.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | postgresql-8.1 | < 8.1.9-0ubuntu0.6.06 | UNKNOWN |
| ubuntu | 6.10 | noarch | postgresql-8.1 | < 8.1.9-0ubuntu0.6.10 | UNKNOWN |
| ubuntu | 7.10 | noarch | postgresql-8.1 | < 8.1.10-1 | UNKNOWN |
| ubuntu | 7.04 | noarch | postgresql-8.2 | < 8.2.4-0ubuntu0.7.04 | UNKNOWN |
| ubuntu | 7.10 | noarch | postgresql-8.2 | < 8.2.5-1 | UNKNOWN |
| ubuntu | 8.04 | noarch | postgresql-8.2 | < 8.2.5-1 | UNKNOWN |
Related
redhat
redhat
(RHSA-2007:0337) Moderate: postgresql security update
2007-05-03 00:00:00
(RHSA-2007:0336) Moderate: postgresql security update
2007-05-08 00:00:00
veracode
veracode
Untrusted Search Path
2020-04-10 00:13:56
openvas
openvas
Fedora Update for postgresql FEDORA-2007-0174
2009-02-27 00:00:00
Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1
2009-03-23 00:00:00
Mandriva Update for postgresql MDKSA-2007:094 (postgresql)
2009-04-09 00:00:00
debian
debian
[SECURITY] [DSA 1311-1] New PostgreSQL 7.4 packages fix privilege escalation
2007-06-17 23:23:17
[SECURITY] [DSA 1309-1] New PostgreSQL 8.1 packages fix privilege escalation
2007-06-16 21:34:45
[SECURITY] [DLA-1874-1] postgresql-9.4 security update
2019-08-09 08:33:57
fedora
fedora
[SECURITY] Fedora 7 Update: postgresql-8.2.4-1.fc7
2007-06-06 03:02:26
[SECURITY] Fedora Core 6 Update: postgresql-8.1.9-1.fc6
2007-06-06 17:22:21
[SECURITY] Fedora Core 5 Update: postgresql-8.1.9-1.fc5
2007-06-06 17:24:23
nessus
nessus
RHEL 3 / 4 / 5 : postgresql (RHSA-2007:0336)
2007-05-10 00:00:00
Fedora Core 6 : postgresql-8.1.9-1.fc6 (2007-565)
2007-06-07 00:00:00
GLSA-200705-12 : PostgreSQL: Privilege escalation
2007-05-11 00:00:00
postgresql
postgresql
Vulnerability in core server (CVE-2007-2138)
2007-04-24 20:19:00
securityvulns
securityvulns
PostgreSQL privilege escalation
2007-04-24 00:00:00
rPSA-2007-0081-1 postgresql postgresql-server
2007-04-24 00:00:00
centos
centos
postgresql, rh security update
2007-05-08 16:27:32
gentoo
gentoo
PostgreSQL: Privilege escalation
2007-05-10 00:00:00
cve
cve
CVE-2007-2138
2007-04-24 20:19:00
prion
prion
Design/Logic Flaw
2007-04-24 20:19:00
ubuntu
ubuntu
PostgreSQL vulnerability
2007-04-27 00:00:00
freebsd
freebsd
archlinux
archlinux
[ASA-201908-8] postgresql: multiple issues
2019-08-10 00:00:00
[ASA-201908-7] postgresql-libs: multiple issues
2019-08-10 00:00:00
oraclelinux
oraclelinux
Moderate: postgresql security update
2007-05-08 00:00:00
6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.6%
Related for UB:CVE-2007-2138