ID CVE-2010-4015
Summary Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
References
Vulnerable Configurations
  • PostgreSQL 8.3.11
    cpe:2.3:a:postgresql:postgresql:8.3.11
  • PostgreSQL 8.3.8
    cpe:2.3:a:postgresql:postgresql:8.3.8
  • PostgreSQL 8.3.6
    cpe:2.3:a:postgresql:postgresql:8.3.6
  • PostgreSQL 8.3.10
    cpe:2.3:a:postgresql:postgresql:8.3.10
  • PostgreSQL 8.3.9
    cpe:2.3:a:postgresql:postgresql:8.3.9
  • PostgreSQL 8.3.7
    cpe:2.3:a:postgresql:postgresql:8.3.7
  • PostgreSQL 8.3.5
    cpe:2.3:a:postgresql:postgresql:8.3.5
  • PostgreSQL 8.3.2
    cpe:2.3:a:postgresql:postgresql:8.3.2
  • PostgreSQL 8.3.1
    cpe:2.3:a:postgresql:postgresql:8.3.1
  • PostgreSQL 8.3.4
    cpe:2.3:a:postgresql:postgresql:8.3.4
  • PostgreSQL 8.3.3
    cpe:2.3:a:postgresql:postgresql:8.3.3
  • PostgreSQL 8.3
    cpe:2.3:a:postgresql:postgresql:8.3
  • PostgreSQL 8.3.12
    cpe:2.3:a:postgresql:postgresql:8.3.12
  • PostgreSQL 8.3.13
    cpe:2.3:a:postgresql:postgresql:8.3.13
  • PostgreSQL 9.0
    cpe:2.3:a:postgresql:postgresql:9.0
  • PostgreSQL 9.0.1
    cpe:2.3:a:postgresql:postgresql:9.0.1
  • PostgreSQL 9.0.2
    cpe:2.3:a:postgresql:postgresql:9.0.2
  • PostgreSQL 8.4
    cpe:2.3:a:postgresql:postgresql:8.4
  • PostgreSQL 8.4.2
    cpe:2.3:a:postgresql:postgresql:8.4.2
  • PostgreSQL 8.4.3
    cpe:2.3:a:postgresql:postgresql:8.4.3
  • PostgreSQL 8.4.4
    cpe:2.3:a:postgresql:postgresql:8.4.4
  • PostgreSQL 8.4.1
    cpe:2.3:a:postgresql:postgresql:8.4.1
  • PostgreSQL 8.4.5
    cpe:2.3:a:postgresql:postgresql:8.4.5
  • PostgreSQL 8.4.6
    cpe:2.3:a:postgresql:postgresql:8.4.6
  • PostgreSQL 8.2.3
    cpe:2.3:a:postgresql:postgresql:8.2.3
  • PostgreSQL 8.2.2
    cpe:2.3:a:postgresql:postgresql:8.2.2
  • PostgreSQL 8.2.17
    cpe:2.3:a:postgresql:postgresql:8.2.17
  • PostgreSQL 8.2.14
    cpe:2.3:a:postgresql:postgresql:8.2.14
  • PostgreSQL 8.2.12
    cpe:2.3:a:postgresql:postgresql:8.2.12
  • PostgreSQL 8.2.5
    cpe:2.3:a:postgresql:postgresql:8.2.5
  • PostgreSQL 8.2.4
    cpe:2.3:a:postgresql:postgresql:8.2.4
  • PostgreSQL 8.2.16
    cpe:2.3:a:postgresql:postgresql:8.2.16
  • PostgreSQL 8.2.15
    cpe:2.3:a:postgresql:postgresql:8.2.15
  • PostgreSQL 8.2
    cpe:2.3:a:postgresql:postgresql:8.2
  • PostgreSQL 8.2.1
    cpe:2.3:a:postgresql:postgresql:8.2.1
  • PostgreSQL 8.2.7
    cpe:2.3:a:postgresql:postgresql:8.2.7
  • PostgreSQL 8.2.6
    cpe:2.3:a:postgresql:postgresql:8.2.6
  • PostgreSQL 8.2.11
    cpe:2.3:a:postgresql:postgresql:8.2.11
  • PostgreSQL 8.2.9
    cpe:2.3:a:postgresql:postgresql:8.2.9
  • PostgreSQL 8.2.8
    cpe:2.3:a:postgresql:postgresql:8.2.8
  • PostgreSQL 8.2.13
    cpe:2.3:a:postgresql:postgresql:8.2.13
  • PostgreSQL 8.2.10
    cpe:2.3:a:postgresql:postgresql:8.2.10
  • PostgreSQL 8.2.18
    cpe:2.3:a:postgresql:postgresql:8.2.18
  • cpe:2.3:a:postgresql:postgresql:8.2.19
    cpe:2.3:a:postgresql:postgresql:8.2.19
CVSS
Base: 6.5 (as of 02-02-2011 - 13:01)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201110-22.NASL
    description The remote host is affected by the vulnerability described in GLSA-201110-22 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker could send a specially crafted SQL query to a PostgreSQL server with the 'intarray' module enabled, possibly resulting in the execution of arbitrary code with the privileges of the PostgreSQL server process, or a Denial of Service condition. Furthermore, a remote authenticated attacker could execute arbitrary Perl code, cause a Denial of Service condition via different vectors, bypass LDAP authentication, bypass X.509 certificate validation, gain database privileges, exploit weak blowfish encryption and possibly cause other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 56626
    published 2011-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56626
    title GLSA-201110-22 : PostgreSQL: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POSTGRESQL-7341.NASL
    description A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql (CVE-2010-4015:CVSS v2 Base Score: 4.9). Additionally a possible log forging problem was fixed too. (CVE-2010-4014)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 53237
    published 2011-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53237
    title SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 7341)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_138827.NASL
    description SunOS 5.10_x86: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138827 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39558
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39558
    title Solaris 10 (x86) : 138827-12 (deprecated)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_POSTGRESQL-110217.NASL
    description A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql (CVE-2010-4015:CVSS v2 Base Score: 4.9). Additionally a possible log forging problem was fixed too. (CVE-2010-4014)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75713
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75713
    title openSUSE Security Update : postgresql (openSUSE-SU-2011:0254-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_POSTGRESQL-110217.NASL
    description A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql (CVE-2010-4015:CVSS v2 Base Score: 4.9). Additionally a possible log forging problem was fixed too. (CVE-2010-4014)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53793
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53793
    title openSUSE Security Update : postgresql (openSUSE-SU-2011:0254-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_POSTGRESQL-110217.NASL
    description A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running PostgreSQL (CVE-2010-4015: CVSS v2 Base Score: 4.9). Additionally a possible log forging problem was fixed too. (CVE-2010-4014)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 53230
    published 2011-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53230
    title SuSE 11.1 Security Update : PostgreSQL (SAT Patch Number 3977)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_POSTGRESQL-7404.NASL
    description A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql. (CVE-2010-4015:CVSS v2 Base Score: 4.9) Additionally a possible log forging problem was fixed too. (CVE-2010-4014)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 57244
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57244
    title SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 7404)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_138823.NASL
    description SunOS 5.10_x86: PostgreSQL 8.3 documentation patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138823 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39556
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39556
    title Solaris 10 (x86) : 138823-12 (deprecated)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110203_POSTGRESQL_ON_SL4_X.NASL
    description A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) For Scientific Linux 4, the updated postgresql packages contain a backported patch for this issue; there are no other changes. For Scientific Linux 5, the updated postgresql packages upgrade PostgreSQL to version 8.1.23, and contain a backported patch for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.1/static/release.html If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60951
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60951
    title Scientific Linux Security Update : postgresql on SL4.x, SL5.x i386/x86_64
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137001.NASL
    description SunOS 5.10_x86: PostgreSQL 8.2 documentation patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 137001 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31335
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31335
    title Solaris 10 (x86) : 137001-08 (deprecated)
  • NASL family Misc.
    NASL id JUNIPER_NSM_2012_1.NASL
    description According to the version of one or more Juniper NSM servers running on the remote host, it is potentially vulnerable to multiple vulnerabilities, the worst of which may allow an authenticated user to trigger a denial of service condition or execute arbitrary code.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 69872
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69872
    title Juniper NSM Servers < 2012.1 Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-0990.NASL
    description Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html including the fix for CVE-2010-4015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 51897
    published 2011-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51897
    title Fedora 14 : postgresql-8.4.7-1.fc14 (2011-0990)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_138824.NASL
    description SunOS 5.10: PostgreSQL 8.3 source code patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138824 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39554
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39554
    title Solaris 10 (sparc) : 138824-12 (deprecated)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0197.NASL
    description From Red Hat Security Advisory 2011:0197 : Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. For Red Hat Enterprise Linux 4, the updated postgresql packages contain a backported patch for this issue; there are no other changes. For Red Hat Enterprise Linux 5, the updated postgresql packages upgrade PostgreSQL to version 8.1.23, and contain a backported patch for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.1/static/release.html For Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.7, which includes a fix for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68193
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68193
    title Oracle Linux 4 / 5 / 6 : postgresql (ELSA-2011-0197)
  • NASL family Databases
    NASL id POSTGRESQL_20110201.NASL
    description The version of PostgreSQL installed on the remote host is 8.2.x prior to 8.2.20, 8.3.x prior to 8.3.14, 8.4.x prior to 8.4.7, or 9.0.x prior to 9.0.3. It therefore is potentially affected by a buffer overflow vulnerability. By calling functions from the intarray optional module with certain parameters, a remote, authenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 63351
    published 2012-12-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63351
    title PostgreSQL 8.2 < 8.2.20 / 8.3 < 8.3.14 / 8.4 < 8.4.7 / 9.0 < 9.0.3 Buffer Overflow Vulnerability
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-021.NASL
    description A vulnerability was discovered and corrected in postgresql : Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions (CVE-2010-4015). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149 products_id=490 This update provides a solution to this vulnerability.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 51898
    published 2011-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51898
    title Mandriva Linux Security Advisory : postgresql (MDVSA-2011:021)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0198.NASL
    description Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53417
    published 2011-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53417
    title CentOS 5 : postgresql84 (CESA-2011:0198)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137000.NASL
    description SunOS 5.10: PostgreSQL 8.2 documentation patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 137000 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31331
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31331
    title Solaris 10 (sparc) : 137000-08 (deprecated)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2157.NASL
    description It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 51862
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51862
    title Debian DSA-2157-1 : postgresql-8.3, postgresql-8.4, postgresql-9.0 - buffer overflow
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137005.NASL
    description SunOS 5.10_x86: PostgreSQL 8.2 source code patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 137005 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31336
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31336
    title Solaris 10 (x86) : 137005-09 (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0197.NASL
    description Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. For Red Hat Enterprise Linux 4, the updated postgresql packages contain a backported patch for this issue; there are no other changes. For Red Hat Enterprise Linux 5, the updated postgresql packages upgrade PostgreSQL to version 8.1.23, and contain a backported patch for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.1/static/release.html For Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.7, which includes a fix for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 51868
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51868
    title RHEL 4 / 5 / 6 : postgresql (RHSA-2011:0197)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-0963.NASL
    description Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html including the fix for CVE-2010-4015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 51927
    published 2011-02-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51927
    title Fedora 13 : postgresql-8.4.7-1.fc13 (2011-0963)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_138825.NASL
    description SunOS 5.10_x86: PostgreSQL 8.3 source code patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138825 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39557
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39557
    title Solaris 10 (x86) : 138825-12 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137004.NASL
    description SunOS 5.10: PostgreSQL 8.2 source code patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 137004 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31332
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31332
    title Solaris 10 (sparc) : 137004-09 (deprecated)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-0197.NASL
    description Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. For Red Hat Enterprise Linux 4, the updated postgresql packages contain a backported patch for this issue; there are no other changes. For Red Hat Enterprise Linux 5, the updated postgresql packages upgrade PostgreSQL to version 8.1.23, and contain a backported patch for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.1/static/release.html For Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.7, which includes a fix for this issue. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 51888
    published 2011-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51888
    title CentOS 4 / 5 : postgresql (CESA-2011:0197)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1058-1.NASL
    description Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 51871
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51871
    title Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability (USN-1058-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110203_POSTGRESQL84_ON_SL5_X.NASL
    description A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 60950
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60950
    title Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-0198.NASL
    description From Red Hat Security Advisory 2011:0198 : Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68194
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68194
    title Oracle Linux 5 : postgresql84 (ELSA-2011-0198)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-0198.NASL
    description Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). A stack-based buffer overflow flaw was found in the way PostgreSQL processed certain tokens from a SQL query when the intarray module was enabled on a particular database. An authenticated database user running a specially crafted SQL query could use this flaw to cause a temporary denial of service (postgres daemon crash) or, potentially, execute arbitrary code with the privileges of the database server. (CVE-2010-4015) Red Hat would like to thank Geoff Keating of the Apple Product Security team for reporting this issue. These updated postgresql84 packages upgrade PostgreSQL to version 8.4.7. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release.html All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 51869
    published 2011-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51869
    title RHEL 5 : postgresql84 (RHSA-2011:0198)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_138822.NASL
    description SunOS 5.10: PostgreSQL 8.3 documentation patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138822 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39553
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39553
    title Solaris 10 (sparc) : 138822-12 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_136998.NASL
    description SunOS 5.10: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 136998 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 30169
    published 2008-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30169
    title Solaris 10 (sparc) : 136998-10 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_136999.NASL
    description SunOS 5.10_x86: PostgreSQL 8.2 core patch. Date this patch was last updated by Sun : Jun/09/11 This plugin has been deprecated and either replaced with individual 136999 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 30175
    published 2008-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30175
    title Solaris 10 (x86) : 136999-10 (deprecated)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_138826.NASL
    description SunOS 5.10: PostgreSQL 8.3 core patch. Date this patch was last updated by Sun : Mar/29/13 This plugin has been deprecated and either replaced with individual 138826 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 39555
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39555
    title Solaris 10 (sparc) : 138826-12 (deprecated)
redhat via4
advisories
  • bugzilla
    id 664402
    title CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment postgresql is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197002
          • comment postgresql is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064026
        • AND
          • comment postgresql-contrib is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197006
          • comment postgresql-contrib is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064038
        • AND
          • comment postgresql-devel is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197012
          • comment postgresql-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064036
        • AND
          • comment postgresql-docs is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197014
          • comment postgresql-docs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064046
        • AND
          • comment postgresql-jdbc is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197018
          • comment postgresql-jdbc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064032
        • AND
          • comment postgresql-libs is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197016
          • comment postgresql-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064030
        • AND
          • comment postgresql-pl is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197004
          • comment postgresql-pl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064028
        • AND
          • comment postgresql-python is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197022
          • comment postgresql-python is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064044
        • AND
          • comment postgresql-server is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197020
          • comment postgresql-server is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064034
        • AND
          • comment postgresql-tcl is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197010
          • comment postgresql-tcl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064040
        • AND
          • comment postgresql-test is earlier than 0:7.4.30-1.el4_8.2
            oval oval:com.redhat.rhsa:tst:20110197008
          • comment postgresql-test is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070064042
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment postgresql is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197028
          • comment postgresql is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908006
        • AND
          • comment postgresql-contrib is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197046
          • comment postgresql-contrib is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908014
        • AND
          • comment postgresql-devel is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197036
          • comment postgresql-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908010
        • AND
          • comment postgresql-docs is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197038
          • comment postgresql-docs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908016
        • AND
          • comment postgresql-libs is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197042
          • comment postgresql-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908024
        • AND
          • comment postgresql-plperl is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197034
          • comment postgresql-plperl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908022
        • AND
          • comment postgresql-plpython is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197030
          • comment postgresql-plpython is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908018
        • AND
          • comment postgresql-pltcl is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197040
          • comment postgresql-pltcl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908020
        • AND
          • comment postgresql-server is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197044
          • comment postgresql-server is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908012
        • AND
          • comment postgresql-test is earlier than 0:8.4.7-1.el6_0.1
            oval oval:com.redhat.rhsa:tst:20110197032
          • comment postgresql-test is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100908008
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment postgresql is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197049
          • comment postgresql is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068003
        • AND
          • comment postgresql-contrib is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197053
          • comment postgresql-contrib is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068013
        • AND
          • comment postgresql-devel is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197063
          • comment postgresql-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068009
        • AND
          • comment postgresql-docs is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197051
          • comment postgresql-docs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068005
        • AND
          • comment postgresql-libs is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197061
          • comment postgresql-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068011
        • AND
          • comment postgresql-pl is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197067
          • comment postgresql-pl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068017
        • AND
          • comment postgresql-python is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197057
          • comment postgresql-python is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068015
        • AND
          • comment postgresql-server is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197059
          • comment postgresql-server is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068019
        • AND
          • comment postgresql-tcl is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197065
          • comment postgresql-tcl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068007
        • AND
          • comment postgresql-test is earlier than 0:8.1.23-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110197055
          • comment postgresql-test is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070068021
    rhsa
    id RHSA-2011:0197
    released 2011-02-03
    severity Moderate
    title RHSA-2011:0197: postgresql security update (Moderate)
  • bugzilla
    id 664402
    title CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment postgresql84 is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198002
        • comment postgresql84 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430003
      • AND
        • comment postgresql84-contrib is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198020
        • comment postgresql84-contrib is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430023
      • AND
        • comment postgresql84-devel is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198022
        • comment postgresql84-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430017
      • AND
        • comment postgresql84-docs is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198004
        • comment postgresql84-docs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430011
      • AND
        • comment postgresql84-libs is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198018
        • comment postgresql84-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430013
      • AND
        • comment postgresql84-plperl is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198016
        • comment postgresql84-plperl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430005
      • AND
        • comment postgresql84-plpython is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198010
        • comment postgresql84-plpython is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430019
      • AND
        • comment postgresql84-pltcl is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198012
        • comment postgresql84-pltcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430015
      • AND
        • comment postgresql84-python is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198014
        • comment postgresql84-python is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430025
      • AND
        • comment postgresql84-server is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198006
        • comment postgresql84-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430007
      • AND
        • comment postgresql84-tcl is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198024
        • comment postgresql84-tcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430009
      • AND
        • comment postgresql84-test is earlier than 0:8.4.7-1.el5_6.1
          oval oval:com.redhat.rhsa:tst:20110198008
        • comment postgresql84-test is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430021
    rhsa
    id RHSA-2011:0198
    released 2011-02-03
    severity Moderate
    title RHSA-2011:0198: postgresql84 security update (Moderate)
rpms
  • postgresql-0:7.4.30-1.el4_8.2
  • postgresql-contrib-0:7.4.30-1.el4_8.2
  • postgresql-devel-0:7.4.30-1.el4_8.2
  • postgresql-docs-0:7.4.30-1.el4_8.2
  • postgresql-jdbc-0:7.4.30-1.el4_8.2
  • postgresql-libs-0:7.4.30-1.el4_8.2
  • postgresql-pl-0:7.4.30-1.el4_8.2
  • postgresql-python-0:7.4.30-1.el4_8.2
  • postgresql-server-0:7.4.30-1.el4_8.2
  • postgresql-tcl-0:7.4.30-1.el4_8.2
  • postgresql-test-0:7.4.30-1.el4_8.2
  • postgresql-0:8.4.7-1.el6_0.1
  • postgresql-contrib-0:8.4.7-1.el6_0.1
  • postgresql-devel-0:8.4.7-1.el6_0.1
  • postgresql-docs-0:8.4.7-1.el6_0.1
  • postgresql-libs-0:8.4.7-1.el6_0.1
  • postgresql-plperl-0:8.4.7-1.el6_0.1
  • postgresql-plpython-0:8.4.7-1.el6_0.1
  • postgresql-pltcl-0:8.4.7-1.el6_0.1
  • postgresql-server-0:8.4.7-1.el6_0.1
  • postgresql-test-0:8.4.7-1.el6_0.1
  • postgresql-0:8.1.23-1.el5_6.1
  • postgresql-contrib-0:8.1.23-1.el5_6.1
  • postgresql-devel-0:8.1.23-1.el5_6.1
  • postgresql-docs-0:8.1.23-1.el5_6.1
  • postgresql-libs-0:8.1.23-1.el5_6.1
  • postgresql-pl-0:8.1.23-1.el5_6.1
  • postgresql-python-0:8.1.23-1.el5_6.1
  • postgresql-server-0:8.1.23-1.el5_6.1
  • postgresql-tcl-0:8.1.23-1.el5_6.1
  • postgresql-test-0:8.1.23-1.el5_6.1
  • postgresql84-0:8.4.7-1.el5_6.1
  • postgresql84-contrib-0:8.4.7-1.el5_6.1
  • postgresql84-devel-0:8.4.7-1.el5_6.1
  • postgresql84-docs-0:8.4.7-1.el5_6.1
  • postgresql84-libs-0:8.4.7-1.el5_6.1
  • postgresql84-plperl-0:8.4.7-1.el5_6.1
  • postgresql84-plpython-0:8.4.7-1.el5_6.1
  • postgresql84-pltcl-0:8.4.7-1.el5_6.1
  • postgresql84-python-0:8.4.7-1.el5_6.1
  • postgresql84-server-0:8.4.7-1.el5_6.1
  • postgresql84-tcl-0:8.4.7-1.el5_6.1
  • postgresql84-test-0:8.4.7-1.el5_6.1
refmap via4
bid 46084
confirm
debian DSA-2157
fedora
  • FEDORA-2011-0963
  • FEDORA-2011-0990
hp
  • HPSBMU02781
  • SSRT100617
mandriva MDVSA-2011:021
osvdb 70740
secunia
  • 43144
  • 43154
  • 43155
  • 43187
  • 43188
  • 43240
suse SUSE-SR:2011:005
ubuntu USN-1058-1
vupen
  • ADV-2011-0262
  • ADV-2011-0278
  • ADV-2011-0283
  • ADV-2011-0287
  • ADV-2011-0299
  • ADV-2011-0303
  • ADV-2011-0349
xf postgresql-gettoken-buffer-overflow(65060)
Last major update 07-12-2016 - 22:01
Published 01-02-2011 - 20:00
Last modified 16-08-2017 - 21:33
Back to Top