HP Security Bulletin HPSBMU02781 SSRT100617 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS). Revision 2 of this advisory.
969977237cbe019bfcfe019ff2785e5a2cd29b36bd1679c3d115100fcd8f2197HP Security Bulletin HPSBMU02781 SSRT100617 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS) . Revision 1 of this advisory.
b85e8b8a8b2b6709cb17786ee687f79c84cb868d3e8d7908aac5a6e2bead0467Gentoo Linux Security Advisory 201110-22 - Multiple vulnerabilities in the PostgreSQL server and client allow remote attackers to conduct several attacks, including the execution of arbitrary code and denial of service. Versions less than or equal to 9 are affected.
82243da3aec06c210e0496833735c49ccf39afb961407ead00319a66417c0cd7Debian Linux Security Advisory 2120-1 - Tim Bunce discovered that PostgreSQL, a database server software, does not properly separate interpreters for server-side stored procedures which run in different security contexts. As a result, non-privileged authenticated database users might gain additional privileges.
9079cbdc3cfecf1a7ce80c5ecbed29077721b922234d2590a891c916471c7c82Ubuntu Security Notice 1002-2 - USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
085a6581138140094c3a3e7e5218e13c206bda65a3d3ed3d068b202fda63e0baUbuntu Security Notice 1002-1 - It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.
d38447e625136f99a89cecd34849184cf00b07d42061e2c9072142a231c9438cMandriva Linux Security Advisory 2010-197 - An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges.
60b055a722cc4bc0545e71200d94b800b38708d3e38b1a277486b92cc61f22cb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed