Lucene search
MitreCVELIST:CVE-2007-3279HistoryJun 19, 2007 - 9:00 p.m.
CVE-2007-3279
2007-06-1921:00:00
mitre
www.cve.org
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection.
References
osvdb.org/40900
www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt
www.mandriva.com/security/advisories?name=MDKSA-2007:188
www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf
www.securityfocus.com/archive/1/471541/100/0/threaded
exchange.xforce.ibmcloud.com/vulnerabilities/35144
Related
ubuntucve
ubuntucve
CVE-2007-3279
2007-06-19 00:00:00
prion
prion
Default credentials
2007-06-19 21:30:00
nvd
nvd
CVE-2007-3279
2007-06-19 21:30:00
cve
cve
CVE-2007-3279
2007-06-19 21:30:00
redhatcve
redhatcve
CVE-2007-3279
2015-10-30 10:14:50
openvas
openvas
Mandriva Update for postgresql MDKSA-2007:188 (postgresql)
2009-04-09 00:00:00
Mandriva Update for postgresql MDKSA-2007:188 (postgresql)
2009-04-09 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : postgresql (MDKSA-2007:188)
2007-09-26 00:00:00
securityvulns
securityvulns
PostgreSQL dblink library multiple security vulnerabilities
2007-09-26 00:00:00