Lucene search
FreeBSD5D425189-7A03-11D9-A9E7-0001020EED82HistoryJan 21, 2005 - 12:00 a.m.
postgresql -- privilege escalation vulnerability
2005-01-2100:00:00
vuxml.freebsd.org
16
4.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
10.1%
John Heasman and others disovered that non-privileged users
could use the LOAD extension to load arbitrary
libraries into the postgres server process space. This
could be used by non-privileged local users to execute
arbitrary code with the privileges of the postgresql
server.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | postgresql | < 7.3.9 | UNKNOWN |
| FreeBSD | any | noarch | postgresql-server | < 7.3.9 | UNKNOWN |
| FreeBSD | any | noarch | ja-postgresql | < 7.3.9 | UNKNOWN |
| FreeBSD | any | noarch | postgresql-devel | <= 8.0.1,1 | UNKNOWN |
Related
nessus
nessus
Fedora Core 2 : postgresql-7.4.7-1.FC2.2 (2005-125)
2005-02-10 00:00:00
Debian DSA-668-1 : postgresql - privilege escalation
2005-02-10 00:00:00
Fedora Core 3 : postgresql-7.4.7-1.FC3.2 (2005-124)
2005-02-10 00:00:00
cvelist
cvelist
CVE-2005-0227
2005-02-06 05:00:00
cve
cve
CVE-2005-0227
2005-05-02 04:00:00
postgresql
postgresql
Vulnerability in core server (CVE-2005-0227)
2005-05-02 04:00:00
openvas
openvas
FreeBSD Ports: postgresql, postgresql-server, ja-postgresql
2008-09-04 00:00:00
FreeBSD Ports: postgresql, postgresql-server, ja-postgresql
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200502-08 (postgresql)
2008-09-24 00:00:00
osv
osv
postgresql - privilege escalation
2005-02-04 00:00:00
nvd
nvd
CVE-2005-0227
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-0227
2005-05-02 00:00:00
redhat
redhat
(RHSA-2005:150) postgresql security update
2005-02-16 00:00:00
(RHSA-2005:138) postgresql security update
2005-02-15 00:00:00
(RHSA-2005:141) rh-postgresql security update
2005-02-14 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2005-02-07 00:00:00
suse
suse
race condition, arbitrary code execution in sudo
2005-06-24 12:44:43
4.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
10.1%
Related for 5D425189-7A03-11D9-A9E7-0001020EED82