ID CVE-2009-0922
Summary PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
References
Vulnerable Configurations
  • PostgreSQL PostgreSQL 7.4.24
    cpe:2.3:a:postgresql:postgresql:7.4.24
  • PostgreSQL PostgreSQL 8.0.20
    cpe:2.3:a:postgresql:postgresql:8.0.20
  • PostgreSQL 8.1.16
    cpe:2.3:a:postgresql:postgresql:8.1.16
  • PostgreSQL 8.2.12
    cpe:2.3:a:postgresql:postgresql:8.2.12
  • PostgreSQL 8.3.6
    cpe:2.3:a:postgresql:postgresql:8.3.6
CVSS
Base: 4.0 (as of 17-03-2009 - 13:35)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description PostgreSQL 8.3.6 Conversion Encoding Remote Denial of Service Vulnerability. CVE-2009-0922. Dos exploit for linux platform
id EDB-ID:32849
last seen 2016-02-03
modified 2009-03-11
published 2009-03-11
reporter Afonin Denis
source https://www.exploit-db.com/download/32849/
title PostgreSQL <= 8.3.6 - Conversion Encoding Remote Denial of Service Vulnerability
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-22.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-22 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker could send a specially crafted SQL query to a PostgreSQL server with the 'intarray' module enabled, possibly resulting in the execution of arbitrary code with the privileges of the PostgreSQL server process, or a Denial of Service condition. Furthermore, a remote authenticated attacker could execute arbitrary Perl code, cause a Denial of Service condition via different vectors, bypass LDAP authentication, bypass X.509 certificate validation, gain database privileges, exploit weak blowfish encryption and possibly cause other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56626
    published 2011-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56626
    title GLSA-201110-22 : PostgreSQL: Multiple vulnerabilities
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_138827.NASL
    description SunOS 5.10_x86: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138827 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39558
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39558
    title Solaris 10 (x86) : 138827-12 (deprecated)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_POSTGRESQL-090324.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding. (CVE-2009-0922)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 41450
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41450
    title SuSE 11 Security Update : PostgreSQL (SAT Patch Number 674)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12383.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding. (CVE-2009-0922)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41288
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41288
    title SuSE9 Security Update : PostgreSQL (YOU Patch Number 12383)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1484.NASL
    description Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced object-relational database management system (DBMS). It was discovered that the upstream patch for CVE-2007-6600 included in the Red Hat Security Advisory RHSA-2008:0038 did not include protection against misuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An authenticated user could use this flaw to install malicious code that would later execute with superuser privileges. (CVE-2009-3230) A flaw was found in the way PostgreSQL handled encoding conversion. A remote, authenticated user could trigger an encoding conversion failure, possibly leading to a temporary denial of service. Note: To exploit this issue, a locale and client encoding for which specific messages fail to translate must be selected (the availability of these is determined by an administrator-defined locale setting). (CVE-2009-0922) Note: For Red Hat Enterprise Linux 4, this update upgrades PostgreSQL to version 7.4.26. For Red Hat Enterprise Linux 5, this update upgrades PostgreSQL to version 8.1.18. Refer to the PostgreSQL Release Notes for a list of changes : http://www.postgresql.org/docs/7.4/static/release.html http://www.postgresql.org/docs/8.1/static/release.html All PostgreSQL users should upgrade to these updated packages, which resolve these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43800
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43800
    title CentOS 4 / 5 : postgresql (CESA-2009:1484)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_123590.NASL
    description SunOS 5.10: PostgreSQL patch. Date this patch was last updated by Sun : Jan/14/10 This plugin has been deprecated and either replaced with individual 123590 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24845
    published 2007-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24845
    title Solaris 10 (sparc) : 123590-12 (deprecated)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POSTGRESQL-6115.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding (CVE-2009-0922).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 36169
    published 2009-04-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36169
    title openSUSE 10 Security Update : postgresql (postgresql-6115)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-079.NASL
    description PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests (CVE-2009-0922). This update provides a fix for this vulnerability.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 37346
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37346
    title Mandriva Linux Security Advisory : postgresql (MDVSA-2009:079)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_POSTGRESQL-090324.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding (CVE-2009-0922).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 40299
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40299
    title openSUSE Security Update : postgresql (postgresql-675)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-753-1.NASL
    description It was discovered that PostgreSQL did not properly handle encoding conversion failures. An attacker could exploit this by sending specially crafted requests to PostgreSQL, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 37152
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37152
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : postgresql-8.1, postgresql-8.3 vulnerability (USN-753-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_138826-12.NASL
    description SunOS 5.10: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107507
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107507
    title Solaris 10 (sparc) : 138826-12
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1484.NASL
    description From Red Hat Security Advisory 2009:1484 : Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced object-relational database management system (DBMS). It was discovered that the upstream patch for CVE-2007-6600 included in the Red Hat Security Advisory RHSA-2008:0038 did not include protection against misuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An authenticated user could use this flaw to install malicious code that would later execute with superuser privileges. (CVE-2009-3230) A flaw was found in the way PostgreSQL handled encoding conversion. A remote, authenticated user could trigger an encoding conversion failure, possibly leading to a temporary denial of service. Note: To exploit this issue, a locale and client encoding for which specific messages fail to translate must be selected (the availability of these is determined by an administrator-defined locale setting). (CVE-2009-0922) Note: For Red Hat Enterprise Linux 4, this update upgrades PostgreSQL to version 7.4.26. For Red Hat Enterprise Linux 5, this update upgrades PostgreSQL to version 8.1.18. Refer to the PostgreSQL Release Notes for a list of changes : http://www.postgresql.org/docs/7.4/static/release.html http://www.postgresql.org/docs/8.1/static/release.html All PostgreSQL users should upgrade to these updated packages, which resolve these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2016-12-07
    plugin id 67936
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67936
    title Oracle Linux 4 / 5 : postgresql (ELSA-2009-1484)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POSTGRESQL-6114.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding. (CVE-2009-0922)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 41579
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41579
    title SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 6114)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_136998-10.NASL
    description SunOS 5.10: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107480
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107480
    title Solaris 10 (sparc) : 136998-10
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1484.NASL
    description Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced object-relational database management system (DBMS). It was discovered that the upstream patch for CVE-2007-6600 included in the Red Hat Security Advisory RHSA-2008:0038 did not include protection against misuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An authenticated user could use this flaw to install malicious code that would later execute with superuser privileges. (CVE-2009-3230) A flaw was found in the way PostgreSQL handled encoding conversion. A remote, authenticated user could trigger an encoding conversion failure, possibly leading to a temporary denial of service. Note: To exploit this issue, a locale and client encoding for which specific messages fail to translate must be selected (the availability of these is determined by an administrator-defined locale setting). (CVE-2009-0922) Note: For Red Hat Enterprise Linux 4, this update upgrades PostgreSQL to version 7.4.26. For Red Hat Enterprise Linux 5, this update upgrades PostgreSQL to version 8.1.18. Refer to the PostgreSQL Release Notes for a list of changes : http://www.postgresql.org/docs/7.4/static/release.html http://www.postgresql.org/docs/8.1/static/release.html All PostgreSQL users should upgrade to these updated packages, which resolve these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 42064
    published 2009-10-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42064
    title RHEL 4 / 5 : postgresql (RHSA-2009:1484)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-2959.NASL
    description Update to PostgreSQL 8.3.7, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-7.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 36811
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36811
    title Fedora 10 : postgresql-8.3.7-1.fc10 (2009-2959)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_123591.NASL
    description SunOS 5.10_x86: PostgreSQL patch. Date this patch was last updated by Sun : Jan/14/10 This plugin has been deprecated and either replaced with individual 123591 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 24849
    published 2007-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24849
    title Solaris 10 (x86) : 123591-12 (deprecated)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20091007_POSTGRESQL_ON_SL3_X.NASL
    description CVE-2009-0922 postgresql: potential DoS due to conversion functions CVE-2009-3230 postgresql: SQL privilege escalation, incomplete fix for CVE-2007-6600 It was discovered that the upstream patch for CVE-2007-6600 included in the Scientific Linux did not include protection against misuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An authenticated user could use this flaw to install malicious code that would later execute with superuser privileges. (CVE-2009-3230) A flaw was found in the way PostgreSQL handled encoding conversion. A remote, authenticated user could trigger an encoding conversion failure, possibly leading to a temporary denial of service. Note: To exploit this issue, a locale and client encoding for which specific messages fail to translate must be selected (the availability of these is determined by an administrator-defined locale setting). (CVE-2009-0922) Note: For Scientific Linux 4, this update upgrades PostgreSQL to version 7.4.26. For Scientific Linux 5, this update upgrades PostgreSQL to version 8.1.18. Refer to the PostgreSQL Release Notes for a list of changes : http://www.postgresql.org/docs/7.4/static/release.html http://www.postgresql.org/docs/8.1/static/release.html If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60675
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60675
    title Scientific Linux Security Update : postgresql on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_123590-12.NASL
    description SunOS 5.10: PostgreSQL patch. Date this patch was last updated by Sun : Jan/14/10
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107391
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107391
    title Solaris 10 (sparc) : 123590-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_136998.NASL
    description SunOS 5.10: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 136998 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 30169
    published 2008-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30169
    title Solaris 10 (sparc) : 136998-10 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_136999-10.NASL
    description SunOS 5.10_x86: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107978
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107978
    title Solaris 10 (x86) : 136999-10
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-2927.NASL
    description Update to PostgreSQL 8.3.7, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-7.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 35995
    published 2009-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35995
    title Fedora 9 : postgresql-8.3.7-1.fc9 (2009-2927)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_136999.NASL
    description SunOS 5.10_x86: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 136999 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 30175
    published 2008-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30175
    title Solaris 10 (x86) : 136999-10 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_138826.NASL
    description SunOS 5.10: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138826 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39555
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39555
    title Solaris 10 (sparc) : 138826-12 (deprecated)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_POSTGRESQL-090324.NASL
    description Remote authenticated users could crash the postgresql server by requesting a conversion with an inappropriate encoding (CVE-2009-0922).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 40113
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40113
    title openSUSE Security Update : postgresql (postgresql-675)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_123591-12.NASL
    description SunOS 5.10_x86: PostgreSQL patch. Date this patch was last updated by Sun : Jan/14/10
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107893
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107893
    title Solaris 10 (x86) : 123591-12
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_138827-12.NASL
    description SunOS 5.10_x86: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 108005
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108005
    title Solaris 10 (x86) : 138827-12
oval via4
  • accepted 2013-04-29T04:09:32.967-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
    family unix
    id oval:org.mitre.oval:def:10874
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
    version 24
  • accepted 2009-09-07T04:00:13.826-04:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
    family unix
    id oval:org.mitre.oval:def:6252
    status accepted
    submitted 2009-07-28T11:46:34.000-04:00
    title Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS)
    version 31
redhat via4
advisories
rhsa
id RHSA-2009:1067
rpms
  • postgresql-0:7.4.26-1.el4_8.1
  • postgresql-contrib-0:7.4.26-1.el4_8.1
  • postgresql-devel-0:7.4.26-1.el4_8.1
  • postgresql-docs-0:7.4.26-1.el4_8.1
  • postgresql-jdbc-0:7.4.26-1.el4_8.1
  • postgresql-libs-0:7.4.26-1.el4_8.1
  • postgresql-pl-0:7.4.26-1.el4_8.1
  • postgresql-python-0:7.4.26-1.el4_8.1
  • postgresql-server-0:7.4.26-1.el4_8.1
  • postgresql-tcl-0:7.4.26-1.el4_8.1
  • postgresql-test-0:7.4.26-1.el4_8.1
  • postgresql-0:8.1.18-2.el5_4.1
  • postgresql-contrib-0:8.1.18-2.el5_4.1
  • postgresql-devel-0:8.1.18-2.el5_4.1
  • postgresql-docs-0:8.1.18-2.el5_4.1
  • postgresql-libs-0:8.1.18-2.el5_4.1
  • postgresql-pl-0:8.1.18-2.el5_4.1
  • postgresql-python-0:8.1.18-2.el5_4.1
  • postgresql-server-0:8.1.18-2.el5_4.1
  • postgresql-tcl-0:8.1.18-2.el5_4.1
  • postgresql-test-0:8.1.18-2.el5_4.1
refmap via4
bid 34090
bugtraq 20090519 rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server
confirm
fedora
  • FEDORA-2009-2927
  • FEDORA-2009-2959
hp
  • HPSBMU02781
  • SSRT100617
mandriva MDVSA-2009:079
mlist
  • [oss-security] 20090311 CVE request -- postgresql
  • [pgsql-bugs] 20090227 BUG #4680: Server crashed if using wrong (mismatch) conversion functions
  • [pgsql-bugs] 20090227 Re: BUG #4680: Server crashed if using wrong (mismatch) conversion functions
sectrack 1021860
secunia
  • 34453
  • 35100
sunalert
  • 1020455
  • 258808
suse SUSE-SR:2009:009
vupen
  • ADV-2009-0767
  • ADV-2009-1316
statements via4
contributor Tomas Hoger
lastmodified 2009-10-08
organization Red Hat
statement This issue has been addressed in Red Hat Enterprise Linux 4 and 5 via: https://rhn.redhat.com/errata/RHSA-2009-1484.html and in Red Hat Application Stack v2 via: https://rhn.redhat.com/errata/RHSA-2009-1067.html
Last major update 22-08-2016 - 21:59
Published 17-03-2009 - 13:30
Last modified 10-10-2018 - 15:32
Back to Top