 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.840046 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-454-1) |
| Summary: | The remote host is missing an update for the 'postgresql-8.1, postgresql-8.2' package(s) announced via the USN-454-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'postgresql-8.1, postgresql-8.2' package(s) announced via the USN-454-1 advisory. Vulnerability Insight: PostgreSQL did not handle the 'search_path' configuration option in a secure way for functions declared as 'SECURITY DEFINER'. Previously, an attacker could override functions and operators used by the security definer function to execute arbitrary SQL commands with the privileges of the user who created the security definer function. The updated version does not search the temporary table schema for functions and operators any more. Similarly, an attacker could put forged tables into the temporary table schema to trick the security definer function into using attacker defined data for processing. This was possible because the temporary schema was always implicitly searched first before all other entries in 'search_path'. The updated version now supports explicit placement of the temporary schema. Please see the HTML documentation or the manual page for 'CREATE FUNCTION' for details and an example how to write security definer functions in a secure way. Affected Software/OS: 'postgresql-8.1, postgresql-8.2' package(s) on Ubuntu 6.06, Ubuntu 6.10, Ubuntu 7.04. Solution: Please install the updated package(s). CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-2138 BugTraq ID: 23618 http://www.securityfocus.com/bid/23618 Debian Security Information: DSA-1309 (Google Search) http://www.debian.org/security/2007/dsa-1309 Debian Security Information: DSA-1311 (Google Search) http://www.debian.org/security/2007/dsa-1311 http://security.gentoo.org/glsa/glsa-200705-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:094 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090 RedHat Security Advisories: RHSA-2007:0336 http://rhn.redhat.com/errata/RHSA-2007-0336.html http://www.redhat.com/support/errata/RHSA-2007-0337.html http://www.securitytracker.com/id?1017974 http://secunia.com/advisories/24989 http://secunia.com/advisories/24999 http://secunia.com/advisories/25005 http://secunia.com/advisories/25019 http://secunia.com/advisories/25037 http://secunia.com/advisories/25058 http://secunia.com/advisories/25184 http://secunia.com/advisories/25238 http://secunia.com/advisories/25334 http://secunia.com/advisories/25717 http://secunia.com/advisories/25720 http://secunia.com/advisories/25725 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1 http://www.trustix.org/errata/2007/0015/ http://www.ubuntu.com/usn/usn-454-1 http://www.vupen.com/english/advisories/2007/1497 http://www.vupen.com/english/advisories/2007/1549 XForce ISS Database: postgresql-searchpath-privilege-escalation(33842) https://exchange.xforce.ibmcloud.com/vulnerabilities/33842 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |