exploits , vulnerabilities , articles , PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities

Title	PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
Published	2008-01-07-12:00AM
Updated	2008-03-05-11:51PM
Class	Unknown
CVE	CVE-2007-6600 E-2007-4772CV 2007-6067CVE- 07-4769CVE-20 -6601
Remote	Yes
Local	Yes
Credit	The vendor disclosed these issues.
Vulnerable	Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 11 x64 Turbolinux Turbolinux Server 11 Turbolinux Turbolinux Server 10.0.0 x64 TurboLinux Personal TurboLinux Multimedia Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server 2.0 Sun Solaris 10.0 _x86 Sun Solaris 10.0 Sun Solaris 10_x86 Sun Solaris 10 S.u.S.E. SUSE Linux Enterprise Server 10 SP1 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1 S.u.S.E. SLE SDK 10.SP1 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux Enterprise Server 9 rPath rPath Linux 1 RedHat Fedora 8 0 RedHat Fedora 7 0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server RedHat Desktop 3.0 RedHat Application Stack v2 0 RedHat Application Stack v1 for Enterprise Linux ES 4 RedHat Application Stack v1 for Enterprise Linux AS 4 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 PostgreSQL PostgreSQL 8.2.4 PostgreSQL PostgreSQL 8.2.3 PostgreSQL PostgreSQL 8.2.2 PostgreSQL PostgreSQL 8.2 PostgreSQL PostgreSQL 8.1.9 PostgreSQL PostgreSQL 8.1.8 PostgreSQL PostgreSQL 8.1.5 PostgreSQL PostgreSQL 8.1.4 PostgreSQL PostgreSQL 8.1.3 PostgreSQL PostgreSQL 8.1.1 PostgreSQL PostgreSQL 8.0.317 PostgreSQL PostgreSQL 8.0.13 PostgreSQL PostgreSQL 8.0.9 PostgreSQL PostgreSQL 8.0.8 PostgreSQL PostgreSQL 8.0.7 PostgreSQL PostgreSQL 8.0.5 PostgreSQL PostgreSQL 8.0.4 PostgreSQL PostgreSQL 8.0.3 PostgreSQL PostgreSQL 8.0.2 Trustix Secure Linux 2.2 PostgreSQL PostgreSQL 8.0.1 PostgreSQL PostgreSQL 8.0 Trustix Secure Linux 2.2 PostgreSQL PostgreSQL 7.4.17 PostgreSQL PostgreSQL 7.4.14 PostgreSQL PostgreSQL 7.4.13 PostgreSQL PostgreSQL 7.4.12 PostgreSQL PostgreSQL 7.4.11 PostgreSQL PostgreSQL 7.4.10 PostgreSQL PostgreSQL 7.4.9 PostgreSQL PostgreSQL 7.4.8 PostgreSQL PostgreSQL 7.4.7 PostgreSQL PostgreSQL 7.4.6 Trustix Secure Linux 2.1 PostgreSQL PostgreSQL 7.4.5 PostgreSQL PostgreSQL 7.4.4 PostgreSQL PostgreSQL 7.4.3 PostgreSQL PostgreSQL 7.4.2 PostgreSQL PostgreSQL 7.4.1 PostgreSQL PostgreSQL 7.4 PostgreSQL PostgreSQL 7.3.19 PostgreSQL PostgreSQL 7.3.16 PostgreSQL PostgreSQL 7.3.15 PostgreSQL PostgreSQL 7.3.14 PostgreSQL PostgreSQL 7.3.13 PostgreSQL PostgreSQL 7.3.12 PostgreSQL PostgreSQL 7.3.11 PostgreSQL PostgreSQL 7.3.10 PostgreSQL PostgreSQL 7.3.9 PostgreSQL PostgreSQL 7.3.8 PostgreSQL PostgreSQL 7.3.6 PostgreSQL PostgreSQL 7.3.4 OpenPKG OpenPKG Current PostgreSQL PostgreSQL 7.3.3 PostgreSQL PostgreSQL 7.3.2 PostgreSQL PostgreSQL 7.3.1 PostgreSQL PostgreSQL 7.3 PostgreSQL PostgreSQL 8.1.7 PostgreSQL PostgreSQL 8.0.11 PostgreSQL PostgreSQL 7.4.16 PostgreSQL PostgreSQL 7.3.13 PDGSoft Shopping Cart 8.1.2 PDGSoft Shopping Cart 8.1 PDGSoft Shopping Cart 8.0.6 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux 2007.0 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia64 Debian Linux 3.1 ia32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Avaya SIP Enablement Services 3.1.1 Avaya SIP Enablement Services 3.1 Avaya SIP Enablement Services 3.0 Avaya Messaging Storage Server MSS 3.0 Avaya Messaging Storage Server MM3.0 Avaya Messaging Storage Server 3.1 Avaya Message Networking MN 3.1 Avaya Message Networking 3.1 Avaya Meeting Exchange 5.0 Avaya Intuity AUDIX LX 2.0 Avaya Communication Manager 5.0 Avaya AES 3.1.4 Avaya AES 3.1.3
Not Vulnerable	PostgreSQL PostgreSQL 8.2.6 PostgreSQL PostgreSQL 8.1.11 PostgreSQL PostgreSQL 8.0.15 PostgreSQL PostgreSQL 7.4.19 PostgreSQL PostgreSQL 7.3.21
Code	Specific exploit code is not required for some of these issues.
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-02 xrdp Multiple Buffer Overflow Vulnerabilities
• 2008-12-02 FFmpeg Multiple Denial of Service Vulnerabilities
• 2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
• 2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
• 2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
• 2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
• 2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
• 2008-11-28 ReVou Login SQL Injection Vulnerability
• 2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-11-28 SailPlanner Login SQL Injection Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 21:14:01 +0000