exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2012-0868

Status Candidate

Overview

CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.

Related Files

Gentoo Linux Security Advisory 201209-24
Posted Sep 28, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-24 - Multiple vulnerabilities have been found in PostgreSQL which may allow a remote attacker to conduct several attacks. Versions less than 9.1.5 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-2143, CVE-2012-2655, CVE-2012-3488, CVE-2012-3489
SHA-256 | aadd0a998d1f2db81a1c115cf7617428cb68b328b2051e91f2e2de0940ce8305
Red Hat Security Advisory 2012-0677-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0868
SHA-256 | 99eb758e26ad01db7e3e088f497dd8ec98005e8f4fdef7cb43e51787e609733a
Red Hat Security Advisory 2012-0678-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | a11a5493acd610cf7f4bfdc27b2eba1d9d44ea753011012d38733b38292f077e
Mandriva Linux Security Advisory 2012-027
Posted Mar 1, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-027 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest version of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0868
SHA-256 | b7d9d107dad134b0351ea51822094dc602ee2bed1c0393d0e07aca3b5d696327
Mandriva Linux Security Advisory 2012-026
Posted Feb 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, arbitrary, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | 58823cceba466692ad13c21cdfd598a07b7adba85c277925ad3952248d6683a2
Ubuntu Security Notice USN-1378-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.

tags | advisory, spoof
systems | linux, ubuntu
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868, CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | 15354f617687e5b1aa22fb70189dc40c214e0a0db7ca57569398efa37eb20a24
Debian Security Advisory 2418-1
Posted Feb 28, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2418-1 - Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | 11a657217072f0210bb50b55f2208a3bed8d0b8e9a9900e5683fd14a41024efb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close