CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
78.6%
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4
before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of
table owner privileges for (1) VACUUM and (2) ANALYZE operations within
index functions, and supports (3) SET ROLE and (4) SET SESSION
AUTHORIZATION within index functions, which allows remote authenticated
users to gain privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | postgresql-8.1 | < 8.1.11-0ubuntu0.6.06.1 | UNKNOWN |
ubuntu | 6.10 | noarch | postgresql-8.1 | < 8.1.11-0ubuntu0.6.10.1 | UNKNOWN |
ubuntu | 7.04 | noarch | postgresql-8.2 | < 8.2.6-0ubuntu0.7.04.1 | UNKNOWN |
ubuntu | 7.10 | noarch | postgresql-8.2 | < 8.2.6-0ubuntu0.7.10.1 | UNKNOWN |
ubuntu | 8.04 | noarch | postgresql-8.2 | < 8.2.6-1 | UNKNOWN |