exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2010-1170

Status Candidate

Overview

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.

Related Files

HP Security Bulletin HPSBMU02781 SSRT100617 2
Posted Aug 8, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02781 SSRT100617 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows, solaris, hpux
advisories | CVE-2009-0922, CVE-2009-3229, CVE-2009-3230, CVE-2009-3231, CVE-2009-4034, CVE-2009-4136, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975, CVE-2010-3433, CVE-2010-4015
SHA-256 | 969977237cbe019bfcfe019ff2785e5a2cd29b36bd1679c3d115100fcd8f2197
HP Security Bulletin HPSBMU02781 SSRT100617
Posted Jul 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02781 SSRT100617 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS) . Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows, solaris, hpux
advisories | CVE-2009-0922, CVE-2009-3229, CVE-2009-3230, CVE-2009-3231, CVE-2009-4034, CVE-2009-4136, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975, CVE-2010-3433, CVE-2010-4015
SHA-256 | b85e8b8a8b2b6709cb17786ee687f79c84cb868d3e8d7908aac5a6e2bead0467
Gentoo Linux Security Advisory 201110-22
Posted Oct 25, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-22 - Multiple vulnerabilities in the PostgreSQL server and client allow remote attackers to conduct several attacks, including the execution of arbitrary code and denial of service. Versions less than or equal to 9 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0922, CVE-2009-3229, CVE-2009-3230, CVE-2009-3231, CVE-2009-4034, CVE-2009-4136, CVE-2010-0442, CVE-2010-0733, CVE-2010-1169, CVE-2010-1170, CVE-2010-1447, CVE-2010-1975, CVE-2010-3433, CVE-2010-4015, CVE-2011-2483
SHA-256 | 82243da3aec06c210e0496833735c49ccf39afb961407ead00319a66417c0cd7
Debian Linux Security Advisory 2051-1
Posted May 25, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2051-1 - Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2010-0442, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975
SHA-256 | 180b33e386f19b03736c3943e1b71129e1dfa7af334af3501bd91a08e267f7f0
Ubuntu Security Notice 942-1
Posted May 22, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 942-1 - It was discovered that the Safe.pm module as used by PostgreSQL did not properly restrict PL/perl procedures. If PostgreSQL was configured to use Perl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Perl code. It was discovered that PostgreSQL did not properly check permissions to restrict PL/Tcl procedures. If PostgreSQL was configured to use Tcl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Tcl code.

tags | advisory, remote, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2010-1169, CVE-2010-1170
SHA-256 | 741e9e2548258c38c225edc1b0858fe5b79d22d7c61bc1a93baadd70c3ee0dd8
Mandriva Linux Security Advisory 2010-103
Posted May 21, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-103 - Multiple vulnerabilities were discovered and corrected in postgresql. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. This update provides a solution to these vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-0442, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975
SHA-256 | dae56ddac2b338c1704ebf1658f6ad703dfa0a1e741f2de8039c4ee98eedbcbd
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close