CVE-2009-3229
First published: Wed Sep 09 2009(Updated: )
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL Common | =8.2.9 | |
| PostgreSQL Common | =8.3.6 | |
| PostgreSQL Common | =8.2.10 | |
| PostgreSQL Common | =8.2.4 | |
| PostgreSQL Common | =8.2.11 | |
| PostgreSQL Common | =8.2.12 | |
| PostgreSQL Common | =8.2.2 | |
| PostgreSQL Common | =8.3.3 | |
| PostgreSQL Common | =8.3.2 | |
| PostgreSQL Common | =8.2.5 | |
| PostgreSQL Common | =8.4 | |
| PostgreSQL Common | =8.2.1 | |
| PostgreSQL Common | =8.3.1 | |
| PostgreSQL Common | =8.3.5 | |
| PostgreSQL Common | =8.2.7 | |
| PostgreSQL Common | =8.2.6 | |
| PostgreSQL Common | =8.3.7 | |
| PostgreSQL Common | =8.3 | |
| PostgreSQL Common | =8.3.4 | |
| PostgreSQL Common | =8.2.3 | |
| PostgreSQL Common | =8.2.8 | |
| PostgreSQL Common | =8.2.13 | |
| PostgreSQL Common | =8.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.html
- https://bugzilla.redhat.com/show_bug.cgi?id=522092
- http://www.postgresql.org/support/security.html
- http://www.securityfocus.com/bid/36314
- http://secunia.com/advisories/36727
- http://www.postgresql.org/docs/8.3/static/release-8-3-8.html
- https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.html
- http://secunia.com/advisories/36660
- http://www.us.debian.org/security/2009/dsa-1900
- http://secunia.com/advisories/36837
- http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-270408-1
- http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
- http://secunia.com/advisories/36800
- http://www.ubuntu.com/usn/usn-834-1
- http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012
- http://marc.info/?l=bugtraq&m=134124585221119&w=2
- http://www.securityfocus.com/archive/1/509917/100/0/threaded
- http://admin.fedoraproject.org/updates/postgresql-8.3.8-1.fc11
- http://admin.fedoraproject.org/updates/postgresql-8.3.8-1.fc10
- https://access.redhat.com/security/cve/CVE-2009-3229
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3229
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=522092
- https://rhn.redhat.com/errata/RHSA-2009-1461.html
- https://www.cve.org/CVERecord?id=CVE-2009-3229 https://nvd.nist.gov/vuln/detail/CVE-2009-3229
- https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3229.json
Frequently Asked Questions
What is the severity of CVE-2009-3229?
CVE-2009-3229 has a severity rating of medium due to its potential to cause denial of service.
How do I fix CVE-2009-3229?
To fix CVE-2009-3229, upgrade your PostgreSQL installation to version 8.4.1 or later.
What versions of PostgreSQL are affected by CVE-2009-3229?
CVE-2009-3229 affects PostgreSQL versions 8.4 prior to 8.4.1, 8.3 prior to 8.3.8, and 8.2 prior to 8.2.14.
What is the impact of CVE-2009-3229 on PostgreSQL?
The impact of CVE-2009-3229 allows remote authenticated users to cause a shutdown of the backend server.
Is CVE-2009-3229 a remote vulnerability?
Yes, CVE-2009-3229 is a remote vulnerability that can be exploited by authenticated users.
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-3229
- collector/redhat-cve
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/postgresql
- canonical/postgresql common
- version/postgresql common/8.2.9
- version/postgresql common/8.3.6
- version/postgresql common/8.2.10
- version/postgresql common/8.2.4
- version/postgresql common/8.2.11
- version/postgresql common/8.2.12
- version/postgresql common/8.2.2
- version/postgresql common/8.3.3
- version/postgresql common/8.3.2
- version/postgresql common/8.2.5
- version/postgresql common/8.4
- version/postgresql common/8.2.1
- version/postgresql common/8.3.1
- version/postgresql common/8.3.5
- version/postgresql common/8.2.7
- version/postgresql common/8.2.6
- version/postgresql common/8.3.7
- version/postgresql common/8.3
- version/postgresql common/8.3.4
- version/postgresql common/8.2.3
- version/postgresql common/8.2.8
- version/postgresql common/8.2.13
- version/postgresql common/8.2