The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103197 Multiple Security Vulnerabilities in PostgreSQL Shipped with Solaris 10 May Allow Elevation of Privileges or Denial of Service (DoS)

Guest Author
Product: Solaris 10 Operating System

Multiple security vulnerabilities affecting the PostgreSQL software shipped with Solaris 10 may allow a local or remote user who has access to the PostgreSQL server to cause a Denial of Service (DoS) to the PostgreSQL instance or the server it runs on (due to excessive resource consumption), or to gain elevated privileges on the server.

These issues are described in the following documents:

Official PostgreSQL annoucement: http://www.postgresql.org/about/news.905

CVE-2007-4769 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769

CVE-2007-4772 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772

CVE-2007-6067 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067

CVE-2007-6600 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600

CVE-2007-6601 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601

CVE-2007-3278 at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278

Avoidance: None
State: Preliminary
First released: 10-Jan-2008

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.