Regular Expression Denial Of Service (ReDoS)

🗓️ 15 Jan 2019 08:52:38Reported by Veracode Vulnerability DatabaseType

tcl vulnerability to ReDoS attack in PostgreSQ

Reporter	Title	Published	Views	Family All 142
Tenable Nessus	PostgreSQL Multiple Vulnerabilities	7 Jan 200800:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : postgresql (CESA-2008:0038)	14 Jan 200800:00	–	nessus
Tenable Nessus	CentOS 3 : tcltk (CESA-2008:0134)	25 Feb 200800:00	–	nessus
Tenable Nessus	CentOS 5 : tcl (CESA-2013:0122)	17 Jan 201300:00	–	nessus
Tenable Nessus	Debian DSA-1460-1 : postgresql-8.1 - several vulnerabilities	14 Jan 200800:00	–	nessus
Tenable Nessus	Debian DSA-1463-1 : postgresql-7.4 - several vulnerabilities	15 Jan 200800:00	–	nessus
Tenable Nessus	Fedora 8 : postgresql-8.2.6-1.fc8 (2008-0478)	14 Jan 200800:00	–	nessus
Tenable Nessus	Fedora 7 : postgresql-8.2.6-1.fc7 (2008-0552)	14 Jan 200800:00	–	nessus
Tenable Nessus	FreeBSD : postgresql -- multiple vulnerabilities (51436b4c-1250-11dd-bab7-0016179b2dd5)	28 Apr 200800:00	–	nessus
Tenable Nessus	GLSA-200801-15 : PostgreSQL: Multiple vulnerabilities	29 Jan 200800:00	–	nessus

Vulners

Node

tcl tclMatch8.4.13_4.el5

postgresql postgresqlMatch8.1.8_1.el4s1.1

postgresql postgresqlMatch8.1.11_1.el5_1.1

postgresql postgresqlMatch7.4.19_1.el4_6.1

postgresql postgresqlMatch8.1.4_1.el4s1.1

postgresql postgresqlMatch8.1.7_3.el4s1.1

postgresql postgresqlMatch8.1.9_1.el4s1.1

Source	Link
securitytracker	www.securitytracker.com/id
sunsolve	www.sunsolve.sun.com/search/document.do
sunsolve	www.sunsolve.sun.com/search/document.do
securityfocus	www.securityfocus.com/archive/1/485864/100/0/threaded
securityfocus	www.securityfocus.com/archive/1/486407/100/0/threaded
securityfocus	www.securityfocus.com/archive/1/493080/100/0/threaded
securityfocus	www.securityfocus.com/bid/27163
secunia	www.secunia.com/advisories/28359
secunia	www.secunia.com/advisories/28376
secunia	www.secunia.com/advisories/28437

10 Oct 2019 02:55Current

8.1High risk

Vulners AI Score8.1

CVSS 24

EPSS0.00278