Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2006-5542, CVE-2006-5540 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | PostgreSQL Server applications / Database software |
Vendor | PostgreSQL Global Development Group |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU111784
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2006-5542
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a remote authenticated user to cause a denial of service.
backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) related to duration logging of V3-protocol Execute messages for (1) COMMIT and (2) ROLLBACK SQL statements.
Mitigation: Install update from vendor's website.
Vulnerable software versions: PostgreSQL: 8.1 - 8.1.4
https://projects.commandprompt.com/public/pgsql/changeset/25953
https://secunia.com/advisories/22562
https://secunia.com/advisories/22584
https://secunia.com/advisories/22606
https://secunia.com/advisories/22636
https://secunia.com/advisories/23048
https://secunia.com/advisories/23132
https://secunia.com/advisories/24577
https://securitytracker.com/id?1017115
https://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
https://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html
https://www.mandriva.com/security/advisories?name=MDKSA-2006:194
https://www.novell.com/linux/security/advisories/2006_27_sr.html
https://www.postgresql.org/about/news.664
https://www.redhat.com/support/errata/RHSA-2007-0067.html
https://www.redhat.com/support/errata/RHSA-2007-0068.html
https://www.securityfocus.com/bid/20717
https://www.trustix.org/errata/2006/0059/
https://www.ubuntu.com/usn/usn-369-1
https://www.ubuntu.com/usn/usn-369-2
https://www.vupen.com/english/advisories/2006/4182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10122
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can an attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU111786
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2006-5540
CWE-ID: CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability allows a remote authenticated user to cause a denial of service.
backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."
Mitigation: Install update from vendor's website.
Vulnerable software versions: PostgreSQL: 8.1 - 8.1.4
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
https://projects.commandprompt.com/public/pgsql/changeset/25504
https://secunia.com/advisories/22562
https://secunia.com/advisories/22584
https://secunia.com/advisories/22606
https://secunia.com/advisories/22636
https://secunia.com/advisories/23048
https://secunia.com/advisories/23132
https://secunia.com/advisories/24094
https://secunia.com/advisories/24284
https://secunia.com/advisories/24577
https://securitytracker.com/id?1017115
https://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
https://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html
https://www.mandriva.com/security/advisories?name=MDKSA-2006:194
https://www.novell.com/linux/security/advisories/2006_27_sr.html
https://www.postgresql.org/about/news.664
https://www.redhat.com/support/errata/RHSA-2007-0064.html
https://www.redhat.com/support/errata/RHSA-2007-0067.html
https://www.redhat.com/support/errata/RHSA-2007-0068.html
https://www.securityfocus.com/bid/20717
https://www.trustix.org/errata/2006/0059/
https://www.ubuntu.com/usn/usn-369-1
https://www.ubuntu.com/usn/usn-369-2
https://www.vupen.com/english/advisories/2006/4182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11425
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can an attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.