Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-6600
Description:PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-6600
BugTraq ID: 27163
Bugtraq: 20080107 PostgreSQL 2007-01-07 Cumulative Security Release (Google Search)
Bugtraq: 20080115 rPSA-2008-0016-1 postgresql postgresql-server (Google Search)
Debian Security Information: DSA-1460 (Google Search)
Debian Security Information: DSA-1463 (Google Search)
HPdes Security Advisory: HPSBTU02325
HPdes Security Advisory: SSRT080006
RedHat Security Advisories: RHSA-2008:0038
RedHat Security Advisories: RHSA-2008:0039
RedHat Security Advisories: RHSA-2008:0040
SuSE Security Announcement: SUSE-SA:2008:005 (Google Search)
XForce ISS Database: postgresql-indexfunctions-priv-escalation(39496)

© 1998-2021 E-Soft Inc. All rights reserved.