CVE-2007-0555
First published: Tue Feb 06 2007(Updated: )
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL Common | >=7.3<7.3.18 | |
| PostgreSQL Common | >=7.4<7.4.16 | |
| PostgreSQL Common | >=8.0<8.0.11 | |
| PostgreSQL Common | >=8.1<8.1.7 | |
| PostgreSQL Common | >=8.2<8.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://fedoranews.org/cms/node/2554
- http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html
- http://osvdb.org/33087
- http://secunia.com/advisories/24028
- http://secunia.com/advisories/24033
- http://secunia.com/advisories/24042
- http://secunia.com/advisories/24050
- http://secunia.com/advisories/24057
- http://secunia.com/advisories/24094
- http://secunia.com/advisories/24151
- http://secunia.com/advisories/24158
- http://secunia.com/advisories/24284
- http://secunia.com/advisories/24315
- http://secunia.com/advisories/24513
- http://secunia.com/advisories/24577
- http://secunia.com/advisories/25220
- http://security.gentoo.org/glsa/glsa-200703-15.xml
- http://securitytracker.com/id?1017597
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
- http://www.debian.org/security/2007/dsa-1261
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:037
- http://www.novell.com/linux/security/advisories/2007_10_sr.html
- http://www.postgresql.org/support/security
- http://www.redhat.com/support/errata/RHSA-2007-0064.html
- http://www.redhat.com/support/errata/RHSA-2007-0067.html
- http://www.redhat.com/support/errata/RHSA-2007-0068.html
- http://www.securityfocus.com/archive/1/459280/100/0/threaded
- http://www.securityfocus.com/archive/1/459448/100/0/threaded
- http://www.securityfocus.com/bid/22387
- http://www.trustix.org/errata/2007/0007
- http://www.ubuntu.com/usn/usn-417-2
- http://www.vupen.com/english/advisories/2007/0478
- http://www.vupen.com/english/advisories/2007/0774
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32195
- https://issues.rpath.com/browse/RPL-1025
- https://issues.rpath.com/browse/RPL-830
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739
- https://usn.ubuntu.com/417-1/
Frequently Asked Questions
What is the severity of CVE-2007-0555?
CVE-2007-0555 has been identified as a moderate severity vulnerability due to its potential to cause a denial of service and possibly unauthorized access.
How do I fix CVE-2007-0555?
To fix CVE-2007-0555, upgrade your PostgreSQL installation to version 7.3.13, 7.4.16, 8.0.11, 8.1.7, or 8.2.2 or later.
Which versions of PostgreSQL are affected by CVE-2007-0555?
CVE-2007-0555 affects PostgreSQL versions prior to 7.3.13, 7.4.16, 8.0.11, 8.1.7, and 8.2.2.
Can CVE-2007-0555 lead to unauthorized access?
Yes, CVE-2007-0555 can potentially allow remote authenticated users to gain unauthorized access under certain conditions.
What is the impact of exploiting CVE-2007-0555?
Exploiting CVE-2007-0555 may lead to a denial of service, resulting in a server crash.
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/postgresql
- canonical/postgresql common
- version/postgresql common/7.3
- version/postgresql common/7.4
- version/postgresql common/8.0
- version/postgresql common/8.1
- version/postgresql common/8.2