 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.57626 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandrake Security Advisory MDKSA-2006:194 (postgresql) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to postgresql announced via advisory MDKSA-2006:194. A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). Another DoS issue in PostgreSQL 7.4.x, 8.0.x, and 8.1.x allowed remote authenticated users to crash the daemon via a coercion of an unknown element to ANYARRAY (CVE-2006-5541). Finally, another vulnerability in 8.1.x could allow a remote authenticated user to cause a DoS related to duration logging of V3-protocol Execute message for COMMIT and ROLLBACK statements (CVE-2006-5542). This updated provides the latest 8.0.x and 8.1.x PostgreSQL versions and patches the version of PostgreSQL shipped with Corporate 3.0. After installing this upgrade, you will need to execute service postgresql restart for it to take effect. Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:194 Risk factor : Medium CVSS Score: 4.0 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-5540 BugTraq ID: 20717 http://www.securityfocus.com/bid/20717 http://www.mandriva.com/security/advisories?name=MDKSA-2006:194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11425 http://www.redhat.com/support/errata/RHSA-2007-0064.html http://www.redhat.com/support/errata/RHSA-2007-0067.html http://www.redhat.com/support/errata/RHSA-2007-0068.html http://securitytracker.com/id?1017115 http://secunia.com/advisories/22562 http://secunia.com/advisories/22584 http://secunia.com/advisories/22606 http://secunia.com/advisories/22636 http://secunia.com/advisories/23048 http://secunia.com/advisories/23132 http://secunia.com/advisories/24094 http://secunia.com/advisories/24284 http://secunia.com/advisories/24577 SGI Security Advisory: 20070201-01-P ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc SuSE Security Announcement: SUSE-SR:2006:027 (Google Search) http://www.novell.com/linux/security/advisories/2006_27_sr.html http://www.trustix.org/errata/2006/0059/ http://www.ubuntu.com/usn/usn-369-1 http://www.ubuntu.com/usn/usn-369-2 http://www.vupen.com/english/advisories/2006/4182 Common Vulnerability Exposure (CVE) ID: CVE-2006-5541 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10905 Common Vulnerability Exposure (CVE) ID: CVE-2006-5542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10122 |
| Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |