Mandriva Linux Security Advisory : postgresql (MDVSA-2011:021)

NASLDB: Mandriva Linux Security Advisory : postgresql (MDVSA-2011:021)

General

ID: 51898
Name: Mandriva Linux Security Advisory : postgresql (MDVSA-2011:021)

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS Temporal Vector: –

Port: 0
Family: Mandriva Local Security Checks
Type: Local

Description

A vulnerability was discovered and corrected in postgresql :

Buffer overflow in the gettoken function in
contrib/intarray/_int_bool.c in the intarray array module in
PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before
8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to
cause a denial of service (crash) and possibly execute arbitrary code
via integers with a large number of digits to unspecified functions
(CVE-2010-4015).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149 products_id=490

This update provides a solution to this vulnerability.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2010-4015
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2011/02/07
Plugin Release: 2011/02/08

Plugin

Version: 1.5
Filename: mandriva_MDVSA-2011-021.nasl
Filesize: 8033 bytes
MD5 Hash: 1cc698d4882df3afb2d60159dff8d34a

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG