CVE-2007-0555
First published: Tue Feb 06 2007(Updated: )
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL | >=7.3<7.3.18 | |
| PostgreSQL | >=7.4<7.4.16 | |
| PostgreSQL | >=8.0<8.0.11 | |
| PostgreSQL | >=8.1<8.1.7 | |
| PostgreSQL | >=8.2<8.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://fedoranews.org/cms/node/2554
- http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html
- http://osvdb.org/33087
- http://secunia.com/advisories/24028
- http://secunia.com/advisories/24033
- http://secunia.com/advisories/24042
- http://secunia.com/advisories/24050
- http://secunia.com/advisories/24057
- http://secunia.com/advisories/24094
- http://secunia.com/advisories/24151
- http://secunia.com/advisories/24158
- http://secunia.com/advisories/24284
- http://secunia.com/advisories/24315
- http://secunia.com/advisories/24513
- http://secunia.com/advisories/24577
- http://secunia.com/advisories/25220
- http://security.gentoo.org/glsa/glsa-200703-15.xml
- http://securitytracker.com/id?1017597
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
- http://www.debian.org/security/2007/dsa-1261
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:037
- http://www.novell.com/linux/security/advisories/2007_10_sr.html
- http://www.postgresql.org/support/security
- http://www.redhat.com/support/errata/RHSA-2007-0064.html
- http://www.redhat.com/support/errata/RHSA-2007-0067.html
- http://www.redhat.com/support/errata/RHSA-2007-0068.html
- http://www.securityfocus.com/archive/1/459280/100/0/threaded
- http://www.securityfocus.com/archive/1/459448/100/0/threaded
- http://www.securityfocus.com/bid/22387
- http://www.trustix.org/errata/2007/0007
- http://www.ubuntu.com/usn/usn-417-2
- http://www.vupen.com/english/advisories/2007/0478
- http://www.vupen.com/english/advisories/2007/0774
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32195
- https://issues.rpath.com/browse/RPL-1025
- https://issues.rpath.com/browse/RPL-830
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739
- https://usn.ubuntu.com/417-1/
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/postgresql
- canonical/postgresql
- version/postgresql/7.3
- version/postgresql/7.4
- version/postgresql/8.0
- version/postgresql/8.1
- version/postgresql/8.2