 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.57626 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandrake Security Advisory MDKSA-2006:194 (postgresql) |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing an update to postgresql announced via advisory MDKSA-2006:194. A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). Another DoS issue in PostgreSQL 7.4.x, 8.0.x, and 8.1.x allowed remote authenticated users to crash the daemon via a coercion of an unknown element to ANYARRAY (CVE-2006-5541). Finally, another vulnerability in 8.1.x could allow a remote authenticated user to cause a DoS related to duration logging of V3-protocol Execute message for COMMIT and ROLLBACK statements (CVE-2006-5542). This updated provides the latest 8.0.x and 8.1.x PostgreSQL versions and patches the version of PostgreSQL shipped with Corporate 3.0. After installing this upgrade, you will need to execute service postgresql restart for it to take effect. Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:194 Risk factor : Medium CVSS Score: 4.0 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-5540 BugTraq ID: 20717 http://www.securityfocus.com/bid/20717 http://www.mandriva.com/security/advisories?name=MDKSA-2006:194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11425 http://www.redhat.com/support/errata/RHSA-2007-0064.html http://www.redhat.com/support/errata/RHSA-2007-0067.html http://www.redhat.com/support/errata/RHSA-2007-0068.html http://securitytracker.com/id?1017115 http://secunia.com/advisories/22562 http://secunia.com/advisories/22584 http://secunia.com/advisories/22606 http://secunia.com/advisories/22636 http://secunia.com/advisories/23048 http://secunia.com/advisories/23132 http://secunia.com/advisories/24094 http://secunia.com/advisories/24284 http://secunia.com/advisories/24577 SGI Security Advisory: 20070201-01-P ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc SuSE Security Announcement: SUSE-SR:2006:027 (Google Search) http://www.novell.com/linux/security/advisories/2006_27_sr.html http://www.trustix.org/errata/2006/0059/ http://www.ubuntu.com/usn/usn-369-1 http://www.ubuntu.com/usn/usn-369-2 http://www.vupen.com/english/advisories/2006/4182 Common Vulnerability Exposure (CVE) ID: CVE-2006-5541 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10905 Common Vulnerability Exposure (CVE) ID: CVE-2006-5542 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10122 |
| Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |