Permissions, Privileges, and Access Controls in PostgreSQL - CVE-2012-0866
Published: July 19, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU43839
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2012-0866
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: PostgreSQL Global Development Group
Affected software:
PostgreSQL
PostgreSQL
Detailed vulnerability description
The vulnerability allows a remote #AU# to read and manipulate data.
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.
How to mitigate CVE-2012-0866
Install update from vendor's website.
Sources
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
- http://rhn.redhat.com/errata/RHSA-2012-0677.html
- http://rhn.redhat.com/errata/RHSA-2012-0678.html
- http://secunia.com/advisories/49272
- http://secunia.com/advisories/49273
- http://www.debian.org/security/2012/dsa-2418
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:027
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:092
- http://www.postgresql.org/about/news/1377/
- http://www.postgresql.org/docs/8.3/static/release-8-3-18.html
- http://www.postgresql.org/docs/8.4/static/release-8-4-11.html
- http://www.postgresql.org/docs/9.0/static/release-9-0-7.html
- http://www.postgresql.org/docs/9.1/static/release-9-1-3.html