First published: Wed Sep 09 2009(Updated: )
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/postgresql | <0:7.4.26-1.el4_8.1 | 0:7.4.26-1.el4_8.1 |
redhat/postgresql | <0:8.1.18-2.el5_4.1 | 0:8.1.18-2.el5_4.1 |
PostgreSQL PostgreSQL | =7.4 | |
PostgreSQL PostgreSQL | =7.4.1 | |
PostgreSQL PostgreSQL | =7.4.2 | |
PostgreSQL PostgreSQL | =7.4.3 | |
PostgreSQL PostgreSQL | =7.4.4 | |
PostgreSQL PostgreSQL | =7.4.5 | |
PostgreSQL PostgreSQL | =7.4.6 | |
PostgreSQL PostgreSQL | =7.4.7 | |
PostgreSQL PostgreSQL | =7.4.8 | |
PostgreSQL PostgreSQL | =7.4.9 | |
PostgreSQL PostgreSQL | =7.4.10 | |
PostgreSQL PostgreSQL | =7.4.11 | |
PostgreSQL PostgreSQL | =7.4.12 | |
PostgreSQL PostgreSQL | =7.4.13 | |
PostgreSQL PostgreSQL | =7.4.14 | |
PostgreSQL PostgreSQL | =7.4.15 | |
PostgreSQL PostgreSQL | =7.4.16 | |
PostgreSQL PostgreSQL | =7.4.17 | |
PostgreSQL PostgreSQL | =7.4.18 | |
PostgreSQL PostgreSQL | =7.4.19 | |
PostgreSQL PostgreSQL | =7.4.20 | |
PostgreSQL PostgreSQL | =7.4.21 | |
PostgreSQL PostgreSQL | =7.4.22 | |
PostgreSQL PostgreSQL | =7.4.23 | |
PostgreSQL PostgreSQL | =7.4.24 | |
PostgreSQL PostgreSQL | =7.4.25 | |
PostgreSQL PostgreSQL | =8.0 | |
PostgreSQL PostgreSQL | =8.0.1 | |
PostgreSQL PostgreSQL | =8.0.2 | |
PostgreSQL PostgreSQL | =8.0.3 | |
PostgreSQL PostgreSQL | =8.0.4 | |
PostgreSQL PostgreSQL | =8.0.5 | |
PostgreSQL PostgreSQL | =8.0.6 | |
PostgreSQL PostgreSQL | =8.0.7 | |
PostgreSQL PostgreSQL | =8.0.8 | |
PostgreSQL PostgreSQL | =8.0.9 | |
PostgreSQL PostgreSQL | =8.0.10 | |
PostgreSQL PostgreSQL | =8.0.11 | |
PostgreSQL PostgreSQL | =8.0.12 | |
PostgreSQL PostgreSQL | =8.0.13 | |
PostgreSQL PostgreSQL | =8.0.14 | |
PostgreSQL PostgreSQL | =8.0.15 | |
PostgreSQL PostgreSQL | =8.0.16 | |
PostgreSQL PostgreSQL | =8.0.17 | |
PostgreSQL PostgreSQL | =8.0.18 | |
PostgreSQL PostgreSQL | =8.0.19 | |
PostgreSQL PostgreSQL | =8.0.20 | |
PostgreSQL PostgreSQL | =8.0.21 | |
PostgreSQL PostgreSQL | =8.1 | |
PostgreSQL PostgreSQL | =8.1.1 | |
PostgreSQL PostgreSQL | =8.1.2 | |
PostgreSQL PostgreSQL | =8.1.3 | |
PostgreSQL PostgreSQL | =8.1.4 | |
PostgreSQL PostgreSQL | =8.1.5 | |
PostgreSQL PostgreSQL | =8.1.6 | |
PostgreSQL PostgreSQL | =8.1.7 | |
PostgreSQL PostgreSQL | =8.1.8 | |
PostgreSQL PostgreSQL | =8.1.9 | |
PostgreSQL PostgreSQL | =8.1.10 | |
PostgreSQL PostgreSQL | =8.1.11 | |
PostgreSQL PostgreSQL | =8.1.12 | |
PostgreSQL PostgreSQL | =8.1.13 | |
PostgreSQL PostgreSQL | =8.1.14 | |
PostgreSQL PostgreSQL | =8.1.15 | |
PostgreSQL PostgreSQL | =8.1.16 | |
PostgreSQL PostgreSQL | =8.2 | |
PostgreSQL PostgreSQL | =8.2.1 | |
PostgreSQL PostgreSQL | =8.2.2 | |
PostgreSQL PostgreSQL | =8.2.3 | |
PostgreSQL PostgreSQL | =8.2.4 | |
PostgreSQL PostgreSQL | =8.2.5 | |
PostgreSQL PostgreSQL | =8.2.6 | |
PostgreSQL PostgreSQL | =8.2.7 | |
PostgreSQL PostgreSQL | =8.2.8 | |
PostgreSQL PostgreSQL | =8.2.9 | |
PostgreSQL PostgreSQL | =8.2.10 | |
PostgreSQL PostgreSQL | =8.2.11 | |
PostgreSQL PostgreSQL | =8.2.12 | |
PostgreSQL PostgreSQL | =8.2.13 | |
PostgreSQL PostgreSQL | =8.3.1 | |
PostgreSQL PostgreSQL | =8.3.2 | |
PostgreSQL PostgreSQL | =8.3.3 | |
PostgreSQL PostgreSQL | =8.3.4 | |
PostgreSQL PostgreSQL | =8.3.5 | |
PostgreSQL PostgreSQL | =8.3.6 | |
PostgreSQL PostgreSQL | =8.3.7 | |
PostgreSQL PostgreSQL | =8.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.