 |
|
|
|
| PostgreSQL database server multiple security vulnerabilities | | Published: |  | 08.01.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8539 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Privilege escalation with indexing functions, privilege escalation with DBLink, DoS with regular expressions. |
| Affected: |  | POSTGRESQL : PostgreSQL 7.3 | | | | POSTGRES : PostgreSQL 7.4 | | | | POSTGRES : PostgreSQL 8.0 | | | | POSTGRES : PostgreSQL 8.1 | | | | POSTGRES : PostgreSQL 8.2 | | CVE: |  | CVE-2007-6601 | | | | CVE-2007-6600 | | | | CVE-2007-6067 | | | | CVE-2007-4772 (The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.) | | | | CVE-2007-4769 (The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.) |
|
|
|
|
|
|
|
|
