Test Kennung:	1.3.6.1.4.1.25623.1.0.57120
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200607-04 (postgresql)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200607-04.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200607-04. Vulnerability Insight: A flaw in the multibyte character handling allows execution of arbitrary SQL statements. Solution: All PostgreSQL users should upgrade to the latest version in the respective branch they are using: # emerge --sync # emerge --ask --oneshot --verbose dev-db/postgresql Note: While a fix exists for the 7.3 branch it doesn't currently work on Gentoo. All 7.3.x users of PostgreSQL should consider updating their installations to the 7.4 (or higher) branch as soon as possible! CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2313 BugTraq ID: 18092 http://www.securityfocus.com/bid/18092 Bugtraq: 20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15 (Google Search) http://www.securityfocus.com/archive/1/435038/100/0/threaded Bugtraq: 20060524 rPSA-2006-0080-1 postgresql postgresql-server (Google Search) http://www.securityfocus.com/archive/1/435161/100/0/threaded Debian Security Information: DSA-1087 (Google Search) http://www.debian.org/security/2006/dsa-1087 http://security.gentoo.org/glsa/glsa-200607-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:098 http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618 http://www.redhat.com/support/errata/RHSA-2006-0526.html http://securitytracker.com/id?1016142 http://secunia.com/advisories/20231 http://secunia.com/advisories/20232 http://secunia.com/advisories/20314 http://secunia.com/advisories/20435 http://secunia.com/advisories/20451 http://secunia.com/advisories/20503 http://secunia.com/advisories/20555 http://secunia.com/advisories/20653 http://secunia.com/advisories/20782 http://secunia.com/advisories/21001 SGI Security Advisory: 20060602-01-U ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc SuSE Security Announcement: SUSE-SA:2006:030 (Google Search) http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html http://www.trustix.org/errata/2006/0032/ https://usn.ubuntu.com/288-1/ http://www.ubuntu.com/usn/usn-288-2 http://www.vupen.com/english/advisories/2006/1941 XForce ISS Database: postgresql-multibyte-sql-injection(26627) https://exchange.xforce.ibmcloud.com/vulnerabilities/26627 Common Vulnerability Exposure (CVE) ID: CVE-2006-2314 http://www.osvdb.org/25731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947 http://secunia.com/advisories/21749 SuSE Security Announcement: SUSE-SR:2006:021 (Google Search) http://www.novell.com/linux/security/advisories/2006_21_sr.html http://www.ubuntu.com/usn/usn-288-3 XForce ISS Database: postgresql-ascii-sql-injection(26628) https://exchange.xforce.ibmcloud.com/vulnerabilities/26628
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.