Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2007:0064

The remote host is missing updates announced in
advisory RHSA-2007:0064.

PostgreSQL is an advanced Object-Relational database management system

A flaw was found in the way the PostgreSQL server handles certain
SQL-language functions. An authenticated user could execute a sequence of
commands which could crash the PostgreSQL server or possibly read from
arbitrary memory locations. A user would need to have permissions to drop
and add database tables to be able to exploit this issue (CVE-2007-0555).

A denial of service flaw was found affecting the PostgreSQL server running
on Red Hat Enterprise Linux 4 systems. An authenticated user could execute
an SQL command which could crash the PostgreSQL server. (CVE-2006-5540)

Users of PostgreSQL should upgrade to these updated packages containing
PostgreSQL version 7.4.16 or 7.3.18, which correct these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-5540
BugTraq ID: 20717
SGI Security Advisory: 20070201-01-P
SuSE Security Announcement: SUSE-SR:2006:027 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-0555
BugTraq ID: 22387
Bugtraq: 20070206 rPSA-2007-0025-1 postgresql postgresql-server (Google Search)
Bugtraq: 20070208 rPSA-2007-0025-2 postgresql postgresql-server (Google Search)
Debian Security Information: DSA-1261 (Google Search)
SuSE Security Announcement: SUSE-SR:2007:010 (Google Search)
XForce ISS Database: postgresql-sqlfunctions-info-disclosure(32195)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.