English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.60158
Category:Fedora Local Security Checks
Title:Fedora Core 7 FEDORA-2008-0552 (postgresql)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to postgresql
announced via advisory FEDORA-2008-0552.

References:

Resolves: #237682 - CVE-2007-2138 PostgreSQL security-definer function privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=237682
[ 1 ] Bug #427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink
https://bugzilla.redhat.com/show_bug.cgi?id=427128
[ 2 ] Bug #315231 - CVE-2007-4769 postgresql integer overflow in regex code
https://bugzilla.redhat.com/show_bug.cgi?id=315231
[ 3 ] Bug #427772 - CVE-2007-4769 CVE-2007-4772 CVE-2007-6067 CVE-2007-6600 CVE-2007-6601 Multiple postgresql vulnerabilities [Fedora 7]
https://bugzilla.redhat.com/show_bug.cgi?id=427772
[ 4 ] Bug #316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code
https://bugzilla.redhat.com/show_bug.cgi?id=316511
[ 5 ] Bug #400931 - CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup
https://bugzilla.redhat.com/show_bug.cgi?id=400931
[ 6 ] Bug #427127 - CVE-2007-6600 PostgreSQL privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=427127

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update postgresql'
at the command line. For more information, refer to Managing Software
with yum, available at http://docs.fedoraproject.org/yum/.

http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-0552

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-4769
BugTraq ID: 27163
http://www.securityfocus.com/bid/27163
Bugtraq: 20080107 PostgreSQL 2007-01-07 Cumulative Security Release (Google Search)
http://www.securityfocus.com/archive/1/485864/100/0/threaded
Bugtraq: 20080115 rPSA-2008-0016-1 postgresql postgresql-server (Google Search)
http://www.securityfocus.com/archive/1/486407/100/0/threaded
Debian Security Information: DSA-1460 (Google Search)
http://www.debian.org/security/2008/dsa-1460
Debian Security Information: DSA-1463 (Google Search)
http://www.debian.org/security/2008/dsa-1463
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
http://security.gentoo.org/glsa/glsa-200801-15.xml
HPdes Security Advisory: HPSBTU02325
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
HPdes Security Advisory: SSRT080006
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
http://www.redhat.com/support/errata/RHSA-2008-0038.html
http://www.redhat.com/support/errata/RHSA-2008-0040.html
http://securitytracker.com/id?1019157
http://secunia.com/advisories/28359
http://secunia.com/advisories/28376
http://secunia.com/advisories/28437
http://secunia.com/advisories/28438
http://secunia.com/advisories/28454
http://secunia.com/advisories/28455
http://secunia.com/advisories/28464
http://secunia.com/advisories/28477
http://secunia.com/advisories/28479
http://secunia.com/advisories/28679
http://secunia.com/advisories/28698
http://secunia.com/advisories/29638
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
SuSE Security Announcement: SUSE-SA:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
https://usn.ubuntu.com/568-1/
http://www.vupen.com/english/advisories/2008/0061
http://www.vupen.com/english/advisories/2008/0109
http://www.vupen.com/english/advisories/2008/1071/references
XForce ISS Database: postgresql-backref-dos(39499)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
Common Vulnerability Exposure (CVE) ID: CVE-2007-4772
Bugtraq: 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues (Google Search)
http://www.securityfocus.com/archive/1/493080/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2008:059
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569
http://www.redhat.com/support/errata/RHSA-2008-0134.html
RedHat Security Advisories: RHSA-2013:0122
http://rhn.redhat.com/errata/RHSA-2013-0122.html
http://secunia.com/advisories/29070
http://secunia.com/advisories/29248
http://secunia.com/advisories/30535
SuSE Security Announcement: SUSE-SU-2016:0539 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:0555 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
SuSE Security Announcement: SUSE-SU-2016:0677 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
SuSE Security Announcement: openSUSE-SU-2016:0531 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
SuSE Security Announcement: openSUSE-SU-2016:0578 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
http://www.vupen.com/english/advisories/2008/1744
XForce ISS Database: postgresql-regular-expression-dos(39497)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39497
Common Vulnerability Exposure (CVE) ID: CVE-2007-6067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235
XForce ISS Database: postgresql-complex-expression-dos(39498)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39498
Common Vulnerability Exposure (CVE) ID: CVE-2007-6600
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10493
http://www.redhat.com/support/errata/RHSA-2008-0039.html
http://secunia.com/advisories/28445
XForce ISS Database: postgresql-indexfunctions-priv-escalation(39496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39496
Common Vulnerability Exposure (CVE) ID: CVE-2007-6601
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127
XForce ISS Database: postgresql-dblink-privilege-escalation(39500)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39500
Common Vulnerability Exposure (CVE) ID: CVE-2007-2138
BugTraq ID: 23618
http://www.securityfocus.com/bid/23618
Debian Security Information: DSA-1309 (Google Search)
http://www.debian.org/security/2007/dsa-1309
Debian Security Information: DSA-1311 (Google Search)
http://www.debian.org/security/2007/dsa-1311
http://security.gentoo.org/glsa/glsa-200705-12.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:094
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090
RedHat Security Advisories: RHSA-2007:0336
http://rhn.redhat.com/errata/RHSA-2007-0336.html
http://www.redhat.com/support/errata/RHSA-2007-0337.html
http://www.securitytracker.com/id?1017974
http://secunia.com/advisories/24989
http://secunia.com/advisories/24999
http://secunia.com/advisories/25005
http://secunia.com/advisories/25019
http://secunia.com/advisories/25037
http://secunia.com/advisories/25058
http://secunia.com/advisories/25184
http://secunia.com/advisories/25238
http://secunia.com/advisories/25334
http://secunia.com/advisories/25717
http://secunia.com/advisories/25720
http://secunia.com/advisories/25725
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1
http://www.trustix.org/errata/2007/0015/
http://www.ubuntu.com/usn/usn-454-1
http://www.vupen.com/english/advisories/2007/1497
http://www.vupen.com/english/advisories/2007/1549
XForce ISS Database: postgresql-searchpath-privilege-escalation(33842)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33842
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.