seeing is believing
Showing 1 - 7 of 7 RSS Feed

CVE-2012-0866

Status Candidate

Overview

CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.

Related Files

Gentoo Linux Security Advisory 201209-24
Posted Sep 28, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-24 - Multiple vulnerabilities have been found in PostgreSQL which may allow a remote attacker to conduct several attacks. Versions less than 9.1.5 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-2143, CVE-2012-2655, CVE-2012-3488, CVE-2012-3489
MD5 | b413793adf8cac8b1de5c98182898751
Red Hat Security Advisory 2012-0677-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0868
MD5 | 5589be2ef5de15f4c20bd819d5669875
Red Hat Security Advisory 2012-0678-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | e1a961e6fbae0168e6ab55161d04fc13
Mandriva Linux Security Advisory 2012-027
Posted Mar 1, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-027 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest version of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0868
MD5 | 375620d206b478a1028f5f14d6bed579
Mandriva Linux Security Advisory 2012-026
Posted Feb 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | f728f35a754010929427e9f14844f505
Ubuntu Security Notice USN-1378-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | c6d497732c221a6c0a60ff2a9ac24a31
Debian Security Advisory 2418-1
Posted Feb 28, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2418-1 - Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
MD5 | 0f8d2d68e3571902f6851a5e902ba616
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close