Full Disclosure mailing list archives
rPSA-2007-0025-1 postgresql postgresql-server
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Tue, 06 Feb 2007 01:54:52 -0500
rPath Security Advisory: 2007-0025-1 Published: 2007-02-06 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local User Deterministic Vulnerability Updated Versions: postgresql=/conary.rpath.com@rpl:devel//1/8.1.7-0.1-1 postgresql-server=/conary.rpath.com@rpl:devel//1/8.1.7-0.1-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 https://issues.rpath.com/browse/RPL-830 Description: Previous versions of the postgresql package are vulnerable to two attacks in which an authenticated database user can cause the database server process to crash (Denial of Service), and possibly also read privileged database content (Information Exposure). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0025-1 postgresql postgresql-server rPath Update Announcements (Feb 06)