SB2017091930 - Multiple vulnerabilities in PostgreSQL
Published: September 19, 2017 Updated: June 23, 2025
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2010-1975)
The vulnerability allows a remote user to read and manipulate data.
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a (1) ALTER USER or (2) ALTER DATABASE statement.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2010-1447)
The vulnerability allows a remote user to execute arbitrary code.
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2010-1170)
The vulnerability allows a remote user to read and manipulate data.
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.
4) Code Injection (CVE-ID: CVE-2010-1169)
The vulnerability allows a remote user to execute arbitrary code.
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.
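As an added check, not part of the bulletin itself, the affected-version ranges above encoded as a Python lookup: give it the string from SHOW server_version and it returns the CVE IDs from this bulletin whose fixed release the server's branch has not reached. Branches an entry does not list are treated as unaffected, and the handling of beta strings is an assumption of this example.

```python
import re

# Version thresholds copied from the bulletin: per branch, the first release
# that contains the fix. A server on a branch that an entry does not list is
# treated as not affected by that entry.
BRANCH_FIX = {(7, 4): (7, 4, 29), (8, 0): (8, 0, 25), (8, 1): (8, 1, 21),
              (8, 2): (8, 2, 17), (8, 3): (8, 3, 11), (8, 4): (8, 4, 4)}
# "9.0 Beta before 9.0 Beta 2": betas are keyed with -1 in the patch slot so
# that every beta sorts before the first 9.0.x release (an assumption of this
# example, not a PostgreSQL convention).
BETA_FIX = {(9, 0): (9, 0, -1, 2)}

FIXED_IN = {
    "CVE-2010-1975": BRANCH_FIX,                 # bulletin lists no 9.0 Beta range
    "CVE-2010-1447": {**BRANCH_FIX, **BETA_FIX},
    "CVE-2010-1170": {**BRANCH_FIX, **BETA_FIX},
    "CVE-2010-1169": {**BRANCH_FIX, **BETA_FIX},
}

# Accepts "8.4.3", "8.4.3 (Debian ...)", "9.0beta1" and "9.0 Beta 1";
# anything after the recognised prefix (build or distro suffix) is ignored.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\s*beta\s*(\d+))?",
                         re.IGNORECASE)


def parse_version(text):
    """Turn a server_version string into a tuple that compares correctly."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PostgreSQL version: {text!r}")
    major, minor, patch, beta = m.groups()
    if beta is not None:
        return (int(major), int(minor), -1, int(beta))
    return (int(major), int(minor), int(patch or 0))


def affected_cves(version_text):
    """Return the bulletin's CVE IDs still open for this server version."""
    version = parse_version(version_text)
    branch = version[:2]
    return sorted(cve for cve, fixes in FIXED_IN.items()
                  if branch in fixes and version < fixes[branch])


if __name__ == "__main__":
    # Constructed sample input; in practice feed the output of SHOW server_version.
    for sample in ("8.4.3", "8.4.4", "9.0beta1", "9.1.2"):
        print(sample, "->", affected_cves(sample) or "not affected")
```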
Remediation
Install the update from the vendor's website.
References
- http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
- http://marc.info/?l=bugtraq&m=134124585221119&w=2
- http://secunia.com/advisories/39939
- http://www.debian.org/security/2010/dsa-2051
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:103
- http://www.postgresql.org/docs/current/static/release-7-4-29.html
- http://www.postgresql.org/docs/current/static/release-8-0-25.html
- http://www.postgresql.org/docs/current/static/release-8-1-21.html
- http://www.postgresql.org/docs/current/static/release-8-2-17.html
- http://www.postgresql.org/docs/current/static/release-8-3-11.html
- http://www.postgresql.org/docs/current/static/release-8-4-4.html
- http://www.securityfocus.com/bid/40304
- http://www.vupen.com/english/advisories/2010/1207
- http://www.vupen.com/english/advisories/2010/1221
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11004
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://osvdb.org/64756
- http://secunia.com/advisories/39845
- http://secunia.com/advisories/40049
- http://secunia.com/advisories/40052
- http://security-tracker.debian.org/tracker/CVE-2010-1447
- http://www.debian.org/security/2011/dsa-2267
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:115
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:116
- http://www.openwall.com/lists/oss-security/2010/05/20/5
- http://www.postgresql.org/about/news.1203
- http://www.redhat.com/support/errata/RHSA-2010-0457.html
- http://www.redhat.com/support/errata/RHSA-2010-0458.html
- http://www.securityfocus.com/bid/40305
- http://www.securitytracker.com/id?1023988
- http://www.vupen.com/english/advisories/2010/1167
- https://bugs.launchpad.net/bugs/cve/2010-1447
- https://bugzilla.redhat.com/show_bug.cgi?id=588269
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11530
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7320
- http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041559.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041579.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041591.html
- http://osvdb.org/64757
- http://secunia.com/advisories/39815
- http://secunia.com/advisories/39820
- http://secunia.com/advisories/39898
- http://www.postgresql.org/support/security
- http://www.redhat.com/support/errata/RHSA-2010-0427.html
- http://www.redhat.com/support/errata/RHSA-2010-0428.html
- http://www.redhat.com/support/errata/RHSA-2010-0429.html
- http://www.redhat.com/support/errata/RHSA-2010-0430.html
- http://www.securityfocus.com/bid/40215
- http://www.securitytracker.com/id?1023987
- http://www.vupen.com/english/advisories/2010/1182
- http://www.vupen.com/english/advisories/2010/1197
- http://www.vupen.com/english/advisories/2010/1198
- https://bugzilla.redhat.com/show_bug.cgi?id=583072
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10510
- http://osvdb.org/64755
- https://bugzilla.redhat.com/show_bug.cgi?id=582615
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58693
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10645