Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-3230

Опубликовано: 17 сент. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.5

Описание

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.

РелизСтатусПримечание
dapper

released

8.1.18-0ubuntu0.6.06
devel

DNE

hardy

DNE

intrepid

DNE

jaunty

DNE

upstream

released

8.1.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

8.3.8-1
hardy

released

8.3.8-0ubuntu8.04
intrepid

released

8.3.8-0ubuntu8.10
jaunty

released

8.3.8-0ubuntu9.04
upstream

released

8.3.8

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.00993
Низкий

6.5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-3230

redhat
почти 16 лет назад

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.

nvd логотип

CVE-2009-3230

nvd
почти 16 лет назад

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.

debian логотип

CVE-2009-3230

debian
почти 16 лет назад

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8 ...

github логотип

GHSA-cjf3-jm6v-3h96

github
около 3 лет назад

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.

oracle-oval логотип

ELSA-2009-1484

oracle-oval
больше 15 лет назад

ELSA-2009-1484: postgresql security update (MODERATE)

EPSS

Процентиль: 76%
0.00993
Низкий

6.5 Medium

CVSS2