Test ID:	1.3.6.1.4.1.25623.1.0.54840
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200502-08 (postgresql)
Summary:	The remote host is missing updates announced in;advisory GLSA 200502-08.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200502-08. Vulnerability Insight: PostgreSQL contains several vulnerabilities which could lead to execution of arbitrary code, Denial of Service and security bypass. Solution: All PostgreSQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/postgresql-7.4.7' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0227 BugTraq ID: 12411 http://www.securityfocus.com/bid/12411 Bugtraq: 20050201 [USN-71-1] PostgreSQL vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110726899107148&w=2 Debian Security Information: DSA-668 (Google Search) http://www.debian.org/security/2005/dsa-668 http://security.gentoo.org/glsa/glsa-200502-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 http://www.redhat.com/support/errata/RHSA-2005-138.html http://www.redhat.com/support/errata/RHSA-2005-150.html http://secunia.com/advisories/12948 SuSE Security Announcement: SUSE-SA:2005:036 (Google Search) http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://www.trustix.org/errata/2005/0003/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0244 12417 http://www.securityfocus.com/bid/12417 12948 20050210 [USN-79-1] PostgreSQL vulnerabilities http://marc.info/?l=bugtraq&m=110806034116082&w=2 MDKSA-2005:040 RHSA-2005:138 SUSE-SA:2005:036 [pgsql-hackers] 20050127 Permissions on aggregate component functions http://archives.postgresql.org/pgsql-hackers/2005-01/msg00922.php oval:org.mitre.oval:def:10927 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10927 postgresql-security-bypass(19184) https://exchange.xforce.ibmcloud.com/vulnerabilities/19184 Common Vulnerability Exposure (CVE) ID: CVE-2005-0245 DSA-683 http://www.debian.org/security/2005/dsa-683 RHSA-2005:150 [pgsql-committers] 20050121 pgsql: Prevent overrunning a heap-allocated buffer is more than 1024 http://archives.postgresql.org/pgsql-committers/2005-01/msg00298.php [pgsql-committers] 20050207 pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser. http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php [pgsql-patches] 20050120 Re: WIP: pl/pgsql cleanup http://archives.postgresql.org/pgsql-patches/2005-01/msg00216.php oval:org.mitre.oval:def:10175 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10175 postgresql-cursor-bo(19188) https://exchange.xforce.ibmcloud.com/vulnerabilities/19188 Common Vulnerability Exposure (CVE) ID: CVE-2005-0246 [pgsql-committers] 20050127 pgsql: Fix security and 64-bit issues in contrib/intagg. http://archives.postgresql.org/pgsql-committers/2005-01/msg00401.php oval:org.mitre.oval:def:10148 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10148 postgresql-contribintagg-dos(19185) https://exchange.xforce.ibmcloud.com/vulnerabilities/19185
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.