Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

PostgreSQL - Remote hacker automatic control

Version: Multiple
Technical Details:

Various security vulnerabilities were patched in a set of updates released for the PostgreSQL RDBMS platform. Five separate vulnerabilities were patched across all versions from 7.3 through to 8.2.

The vulnerabilities range from privilege escalation in index functions, through denial of service in regular expression libraries, to privilege escalation in DBLink.

PostgreSQL 7.3, 8.0, and 8.1 have also been EOL'ed.

Description:

The PostgreSQL Global Development Group has released updated versions of the PostgreSQL RDBMS, addressing several key vulnerabilities affecting all versions from 7.3 through to 8.2. The PostgreSQL developers consider these vulnerabilities to be critical and strongly recommend that administrators update to the latest versions as soon as possible.

PostgreSQL developers discovered the vulnerabilities during security analysis, and have worked to ensure backwards compatibility for existing data stores with the updated versions.

PostgreSQL versions 7.3, 8.0, and 8.1 have also been EOL'ed, and administrators are advised to update to current versions.

Mitigation:

Update to the releases provided by the PostgreSQL development group.

Updates:

http://www.postgresql.org/ftp/binary/

Source:

http://www.postgresql.org/support/security

Exploits:

External Tracking Data:

