exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2007-4769

Status Candidate

Overview

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

Related Files

HP Security Bulletin 2008-00.6
Posted Apr 3, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in PostgreSQL versions 8.2.4 and earlier running on HP Internet Express for Tru64 UNIX. The vulnerabilities could be exploited to execute arbitrary code, elevation of privilege, or cause a Denial of Service (DoS).

tags | advisory, denial of service, arbitrary, vulnerability
systems | unix
advisories | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
SHA-256 | afd1bc6c33580067923d30d07609a12eab7bab28a754619e073a2ce527a5286a
Gentoo Linux Security Advisory 200801-15
Posted Jan 30, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200801-15 - If using the expression indexes feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION in the index functions (CVE-2007-6600). Additionally, several errors involving regular expressions were found (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067). Eventually, a privilege escalation vulnerability via unspecified vectors in the DBLink module was reported (CVE-2007-6601). This vulnerability is exploitable when local trust or ident authentication is used, and is due to an incomplete fix of CVE-2007-3278. Versions less than 8.0.15 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
SHA-256 | 172cdfb474f0118a788ae219c7fb68c7559798040452c1e1dd818d4e41193477
Ubuntu Security Notice 568-1
Posted Jan 14, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 568-1 - Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. It was discovered that the TCL regular expression parser used by PostgreSQL did not properly check its input. An attacker could send crafted regular expressions to PostgreSQL and cause a denial of service via resource exhaustion or database crash. It was discovered that PostgreSQL executed VACUUM and ANALYZE operations within index functions with superuser privileges and also allowed SET ROLE and SET SESSION AUTHORIZATION within index functions. A remote authenticated user could exploit these flaws to gain privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-6600, CVE-2007-3278, CVE-2007-6601, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067
SHA-256 | 47d59960e481124c283b84984065380cc224fcda98eb11e54fce799c288e75c1
Debian Linux Security Advisory 1463-1
Posted Jan 14, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1463-1 - Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
SHA-256 | bf82c28f78aa61e68865b176249ca0279e41256a1de3a041b5d109a070a22eeb
Debian Linux Security Advisory 1460-1
Posted Jan 14, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1460-1 - Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
SHA-256 | 15fa8c37a84c4650b0057ddb1f483cac6bd377383f70e2bbe3482537af09de8a
Mandriva Linux Security Advisory 2008-004
Posted Jan 9, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Index Functions Privilege Escalation: as a unique feature, PostgreSQL allows users to create indexes on the results of user-defined functions, known as expression indexes. This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Regular Expression Denial-of-Service: three separate issues in the regular expression libraries used by PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend. DBLink Privilege Escalation: DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle , but that patch failed to close all forms of the loophole.

tags | advisory, local, vulnerability
systems | linux, mandriva
advisories | CVE-2007-6600, CVE-2007-4772, CVE-2007-6067, CVE-2007-4769, CVE-2007-6601
SHA-256 | edab60a1473e35b9b319cf42931a033907dbd44cba5d3b178ce486cce8517747
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close