CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Authentication | SINGLE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

AV:N/AC:L/Au:S/C:P/I:P/A:P

EPSS

Metric | Value |
---|---|
Percentile | 78.0% |

The PostgreSQL team reports:

Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example.

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | postgresql-server | = 8.1.0 | UNKNOWN |
FreeBSD | any | noarch | postgresql-server | < 8.1.3 | UNKNOWN |