Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2007:037-1: postgresql


Vulnerability Assessment Details

MDKSA-2007:037-1: postgresql

Vulnerability Assessment Summary
Check for the version of the postgresql package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2007:037-1 (postgresql).

Jeff Trout discovered that the PostgreSQL server did not sufficiently
check data types of SQL function arguments in some cases. A user could
then exploit this to crash the database server or read out arbitrary
locations of the server's memory, which could be used to retrieve
database contents that the user should not be able to see. Note that a
user must be authenticated in order to exploit this (CVE-2007-0555).
As well, Jeff Trout also discovered that the query planner did not
verify that a table was still compatible with a previously-generated
query plan, which could be exploted to read out arbitrary locations of
the server's memory by using ALTER COLUMN TYPE during query execution.
Again, a user must be authenticated in order to exploit this
(CVE-2007-0556).
Update:
The previous update updated PostgreSQL to upstream versions, including
8.1.7 which contained a bug with typemod data types used with check
constraints and expression indexes. This regression has been corrected
in the new 8.1.8 version that is being provided.

Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:037-1
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

HP Proliant BL460c G8 v2 - CTO - 735151-B21
$602.76
HP Proliant BL460c G8 v2 - CTO - 735151-B21 pictureHP Proliant DL380p G8, 2 Intel E5-2690, 64 Gb Ram, 2x 300 Go SAS 10K
$1760.1
HP Proliant DL380p G8, 2 Intel E5-2690, 64 Gb Ram, 2x 300 Go SAS 10K pictureHP Proliant BL460c G8 v1 / v2 - CTO - Heatsink - FLB554 - NEW
$410.89
HP Proliant BL460c G8 v1 / v2 - CTO - Heatsink - FLB554 - NEW pictureFujitsu BX920 S3 S26361-K140-V200 Blade Server No CPU No Memory No HDD
$400.0
Fujitsu BX920 S3 S26361-K140-V200 Blade Server No CPU No Memory No HDD picture


Discussions

No Discussions have been posted on this vulnerability.