Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2005:150

The remote host is missing updates announced in
advisory RHSA-2005:150.

PostgreSQL is an advanced Object-Relational database management system

A flaw in the LOAD command in PostgreSQL was discovered. A local user
could use this flaw to load arbitrary shared libraries and therefore
execute arbitrary code, gaining the privileges of the PostgreSQL server.
The Common Vulnerabilities and Exposures project ( has
assigned the name CVE-2005-0227 to this issue.

Multiple buffer overflows were found in PL/PgSQL. A database user who has
permissions to create plpgsql functions could trigger this flaw which could
lead to arbitrary code execution, gaining the privileges of the PostgreSQL
server. The Common Vulnerabilities and Exposures project (
has assigned the names CVE-2005-0245 and CVE-2005-0247 to these issues.

Users of PostgreSQL are advised to update to these erratum packages which
are not vulnerable to these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-0227
BugTraq ID: 12411
Bugtraq: 20050201 [USN-71-1] PostgreSQL vulnerability (Google Search)
Debian Security Information: DSA-668 (Google Search)
SuSE Security Announcement: SUSE-SA:2005:036 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0245
BugTraq ID: 12417
Bugtraq: 20050210 [USN-79-1] PostgreSQL vulnerabilities (Google Search)
Debian Security Information: DSA-683 (Google Search)
XForce ISS Database: postgresql-cursor-bo(19188)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0247
SuSE Security Announcement: SUSE-SA:2005:027 (Google Search)
XForce ISS Database: postgresql-fetch-makefetchstmt-bo(19378)
XForce ISS Database: postgresql-makeselectstmt-arbitrary-bo(19377)
XForce ISS Database: postgresql-makeselectstmt-input-bo(19376)
XForce ISS Database: postgresql-readsqlconstruct-bo(19375)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0977
BugTraq ID: 11295
Debian Security Information: DSA-577 (Google Search)
XForce ISS Database: script-temporary-file-overwrite(17583)
CopyrightCopyright (c) 2005 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.