CVE-2012-0866
First published: Wed Jul 18 2012(Updated: )
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PostgreSQL Common | =8.3 | |
| PostgreSQL Common | =8.3.1 | |
| PostgreSQL Common | =8.3.2 | |
| PostgreSQL Common | =8.3.3 | |
| PostgreSQL Common | =8.3.4 | |
| PostgreSQL Common | =8.3.5 | |
| PostgreSQL Common | =8.3.6 | |
| PostgreSQL Common | =8.3.7 | |
| PostgreSQL Common | =8.3.8 | |
| PostgreSQL Common | =8.3.9 | |
| PostgreSQL Common | =8.3.10 | |
| PostgreSQL Common | =8.3.11 | |
| PostgreSQL Common | =8.3.12 | |
| PostgreSQL Common | =8.3.13 | |
| PostgreSQL Common | =8.3.14 | |
| PostgreSQL Common | =8.3.15 | |
| PostgreSQL Common | =8.3.16 | |
| PostgreSQL Common | =8.3.17 | |
| PostgreSQL Common | =8.4 | |
| PostgreSQL Common | =8.4.1 | |
| PostgreSQL Common | =8.4.2 | |
| PostgreSQL Common | =8.4.3 | |
| PostgreSQL Common | =8.4.4 | |
| PostgreSQL Common | =8.4.5 | |
| PostgreSQL Common | =8.4.6 | |
| PostgreSQL Common | =8.4.7 | |
| PostgreSQL Common | =8.4.8 | |
| PostgreSQL Common | =8.4.9 | |
| PostgreSQL Common | =8.4.10 | |
| PostgreSQL Common | =9.0 | |
| PostgreSQL Common | =9.0.1 | |
| PostgreSQL Common | =9.0.2 | |
| PostgreSQL Common | =9.0.3 | |
| PostgreSQL Common | =9.0.4 | |
| PostgreSQL Common | =9.0.5 | |
| PostgreSQL Common | =9.0.6 | |
| PostgreSQL Common | =9.1 | |
| PostgreSQL Common | =9.1.1 | |
| PostgreSQL Common | =9.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
- http://rhn.redhat.com/errata/RHSA-2012-0677.html
- http://rhn.redhat.com/errata/RHSA-2012-0678.html
- http://secunia.com/advisories/49272
- http://secunia.com/advisories/49273
- http://www.debian.org/security/2012/dsa-2418
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:027
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:092
- http://www.postgresql.org/about/news/1377/
- http://www.postgresql.org/docs/8.3/static/release-8-3-18.html
- http://www.postgresql.org/docs/8.4/static/release-8-4-11.html
- http://www.postgresql.org/docs/9.0/static/release-9-0-7.html
- http://www.postgresql.org/docs/9.1/static/release-9-1-3.html
Frequently Asked Questions
What is the severity of CVE-2012-0866?
The severity of CVE-2012-0866 is considered to be medium, as it allows remote authenticated users to execute restricted triggers.
How do I fix CVE-2012-0866?
To fix CVE-2012-0866, upgrade PostgreSQL to versions 8.3.18, 8.4.11, 9.0.7, or 9.1.3 or later.
Who is affected by CVE-2012-0866?
CVE-2012-0866 affects users of PostgreSQL versions 8.3.x prior to 8.3.18, 8.4.x prior to 8.4.11, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3.
What does CVE-2012-0866 exploit?
CVE-2012-0866 exploits insufficient permission checks for trigger functions that are marked as SECURITY DEFINER.
Can CVE-2012-0866 allow unauthorized access?
Yes, CVE-2012-0866 can allow remote authenticated users to execute triggers they should not have access to, potentially leading to unauthorized data manipulation.
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/postgresql
- canonical/postgresql common
- version/postgresql common/8.3
- version/postgresql common/8.3.1
- version/postgresql common/8.3.2
- version/postgresql common/8.3.3
- version/postgresql common/8.3.4
- version/postgresql common/8.3.5
- version/postgresql common/8.3.6
- version/postgresql common/8.3.7
- version/postgresql common/8.3.8
- version/postgresql common/8.3.9
- version/postgresql common/8.3.10
- version/postgresql common/8.3.11
- version/postgresql common/8.3.12
- version/postgresql common/8.3.13
- version/postgresql common/8.3.14
- version/postgresql common/8.3.15
- version/postgresql common/8.3.16
- version/postgresql common/8.3.17
- version/postgresql common/8.4
- version/postgresql common/8.4.1
- version/postgresql common/8.4.2
- version/postgresql common/8.4.3
- version/postgresql common/8.4.4
- version/postgresql common/8.4.5
- version/postgresql common/8.4.6
- version/postgresql common/8.4.7
- version/postgresql common/8.4.8
- version/postgresql common/8.4.9
- version/postgresql common/8.4.10
- version/postgresql common/9.0
- version/postgresql common/9.0.1
- version/postgresql common/9.0.2
- version/postgresql common/9.0.3
- version/postgresql common/9.0.4
- version/postgresql common/9.0.5
- version/postgresql common/9.0.6
- version/postgresql common/9.1
- version/postgresql common/9.1.1
- version/postgresql common/9.1.2