Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-1169

Опубликовано: 17 мая 2010
Источник: redhat
CVSS2: 5.2

Описание

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux Extended Update Support 4.8postgresqlAffected
Red Hat Enterprise Linux Extended Update Support 6.0postgresqlAffected
Red Hat Enterprise Linux 3rh-postgresqlFixedRHSA-2010:042719.05.2010
Red Hat Enterprise Linux 4postgresqlFixedRHSA-2010:042819.05.2010
Red Hat Enterprise Linux 5postgresqlFixedRHSA-2010:042919.05.2010
Red Hat Enterprise Linux 5postgresql84FixedRHSA-2010:043019.05.2010

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=582615PostgreSQL: PL/Perl Intended restriction bypass

5.2 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-1169

ubuntu
около 15 лет назад

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

nvd логотип

CVE-2010-1169

nvd
около 15 лет назад

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

debian логотип

CVE-2010-1169

debian
около 15 лет назад

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8. ...

github логотип

GHSA-cjg9-jpjg-2p4r

github
около 3 лет назад

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

oracle-oval логотип

ELSA-2010-0430

oracle-oval
около 15 лет назад

ELSA-2010-0430: postgresql84 security update (MODERATE)

5.2 Medium

CVSS2