Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-3278
HistoryJun 19, 2007 - 12:00 a.m.

CVE-2007-3278

2007-06-1900:00:00
ubuntu.com
ubuntu.com
9

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

61.7%

JSON

PostgreSQL 8.1 and probably later versions, when local trust authentication
is enabled and the Database Link library (dblink) is installed, allows
remote attackers to access arbitrary accounts and execute arbitrary SQL
queries via a dblink host parameter that proxies the connection from
127.0.0.1.

Related

prion 2
cve 2
veracode 1
ubuntucve 1
redhat 3
nessus 13
openvas 25
securityvulns 3
centos 2
osv 2
debian 2
gentoo 1
oraclelinux 1
ubuntu 1
prion
prion
Sql injection
2007-06-19 21:30:00
Authentication flaw
2008-01-09 21:46:00
cve
cve
CVE-2007-3278
2007-06-19 21:30:00
CVE-2007-6601
2008-01-09 21:46:00
veracode
veracode
Privilege Escalation
2020-04-10 00:19:39
ubuntucve
ubuntucve
CVE-2007-6601
2008-01-09 00:00:00
redhat
redhat
(RHSA-2008:0039) Moderate: postgresql security update
2008-01-11 00:00:00
(RHSA-2008:0040) Moderate: postgresql security update
2008-02-01 00:00:00
(RHSA-2008:0038) Moderate: postgresql security update
2008-01-11 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : postgresql (MDKSA-2007:188)
2007-09-26 00:00:00
CentOS 3 : postgresql (CESA-2008:0039)
2008-01-14 00:00:00
RHEL 3 : postgresql (RHSA-2008:0039)
2008-01-14 00:00:00
openvas
openvas
CentOS Update for rh-postgresql CESA-2008:0039 centos3 i386
2009-02-27 00:00:00
Mandriva Update for postgresql MDKSA-2007:188 (postgresql)
2009-04-09 00:00:00
RedHat Update for postgresql RHSA-2008:0039-01
2009-03-06 00:00:00
securityvulns
securityvulns
PostgreSQL dblink library multiple security vulnerabilities
2007-09-26 00:00:00
[ MDKSA-2007:188 ] - Updated postgresql packages prevent access abuse using dblink
2007-09-26 00:00:00
PostgreSQL 2007-01-07 Cumulative Security Release
2008-01-08 00:00:00
centos
centos
rh security update
2008-01-11 14:31:56
postgresql security update
2008-01-11 15:27:05
osv
osv
postgresql-8.1 - several
2008-01-13 00:00:00
postgresql-7.4 - several
2008-01-14 00:00:00
debian
debian
[SECURITY] [DSA 1463-1] New postgresql-7.4 packages fix several vulnerabilities
2008-01-14 18:52:18
[SECURITY] [DSA 1460-1] New postgresql-8.1 packages fix several vulnerabilities
2008-01-13 15:45:28
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2008-01-29 00:00:00
oraclelinux
oraclelinux
Moderate: postgresql security update
2008-01-11 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2008-01-14 00:00:00

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

61.7%

JSON
Related for UB:CVE-2007-3278
prion2cve2veracode1ubuntucve1redhat3nessus13openvas25securityvulns3centos2osv2debian2gentoo1oraclelinux1ubuntu1