Описание
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-6601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39500
- https://issues.rpath.com/browse/RPL-1768
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127
- https://usn.ubuntu.com/568-1
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28359
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28445
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28455
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28679
- http://secunia.com/advisories/28698
- http://secunia.com/advisories/29638
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://securitytracker.com/id?1019157
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- http://www.postgresql.org/about/news.905
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://www.redhat.com/support/errata/RHSA-2008-0039.html
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/bid/27163
- http://www.vupen.com/english/advisories/2008/0061
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/1071/references
Связанные уязвимости
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8 ...
ELSA-2008-0038: Moderate: postgresql security update (MODERATE)