Lucene search
FreeBSD0B2B4B4D-A07C-11DA-BE0A-000C6EC775D9HistoryFeb 14, 2006 - 12:00 a.m.
postgresql81-server -- SET ROLE privilege escalation
2006-02-1400:00:00
vuxml.freebsd.org
16
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.006
Percentile
78.0%
The PostgreSQL team reports:
Due to inadequate validity checking, a user could exploit
the special case that SET ROLE normally uses to restore
the previous role setting after an error. This allowed
ordinary users to acquire superuser status, for
example.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | postgresql-server | = 8.1.0 | UNKNOWN |
| FreeBSD | any | noarch | postgresql-server | < 8.1.3 | UNKNOWN |
Related
postgresql
postgresql
Vulnerability in core server (CVE-2006-0553)
2006-02-14 19:06:00
nessus
nessus
cert
cert
PostgreSQL database privilege escalation vulnerability
2006-02-27 00:00:00
openvas
openvas
FreeBSD Ports: postgresql-server
2008-09-04 00:00:00
FreeBSD Ports: postgresql-server
2008-09-04 00:00:00
cvelist
cvelist
CVE-2006-0553
2006-02-14 19:00:00
CVE-2006-0678
2006-02-14 19:00:00
securityvulns
securityvulns
PostgreSQL security releases 8.1.3, 8.0.7, 7.4.12, 7.3.14
2006-02-16 00:00:00
prion
prion
Authorization
2006-02-14 19:06:00
Security feature bypass
2006-02-14 19:06:00
cve
cve
CVE-2006-0678
2006-02-14 19:06:00
CVE-2006-0553
2006-02-14 19:06:00
nvd
nvd
CVE-2006-0553
2006-02-14 19:06:00
CVE-2006-0678
2006-02-14 19:06:00
redhatcve
redhatcve
CVE-2006-0553
2015-10-30 10:23:02
ubuntucve
ubuntucve
CVE-2006-0678
2006-02-14 00:00:00
CVE-2006-0553
2006-02-14 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.006
Percentile
78.0%
Related for 0B2B4B4D-A07C-11DA-BE0A-000C6EC775D9