exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-0556

Status Candidate

Overview

The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 does not verify that a table is compatible with a "previously made query plan," which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content via an "ALTER COLUMN TYPE" SQL statement, which can be leveraged to read arbitrary memory from the server.

Related Files

Gentoo Linux Security Advisory 200703-15
Posted Mar 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-15 - PostgreSQL does not correctly check the data types of the SQL function arguments under unspecified circumstances nor the format of the provided tables in the query planner. Versions less than 8.0.11 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-0555, CVE-2007-0556
SHA-256 | c9929224f19d0c7685ee31835f690bc91906c7cc2995d71a459afd27ff620bbc
Mandriva Linux Security Advisory 2007.037
Posted Feb 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Security Advisory - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this. As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploited to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0555, CVE-2007-0556
SHA-256 | b9d49ee3a0db5fd14be3b0494fb05ea115fa2b63baca89b8c5f81a95bd12adf0
Mandriva Linux Security Advisory 2007.037
Posted Feb 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this. As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploted to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0555, CVE-2007-0556
SHA-256 | 8ba13b500368cd9f0de2fc453f06366e7735626f388086f0770d74d75a357737
Ubuntu Security Notice 417-1
Posted Feb 6, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 417-1 - Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. An authenticated attacker could exploit this to crash the database server or read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see. Jeff Trout reported that the query planner did not verify that a table was still compatible with a previously made query plan. By using ALTER COLUMN TYPE during query execution, an attacker could exploit this to read out arbitrary locations in the server's memory, which could allow retrieving database content the attacker should not be able to see.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-0555, CVE-2007-0556
SHA-256 | 276efa3f8ae6e6316c21d9bd4a5cc9aad843153f184120b3fde27f02a2123412
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close