#VU43839 Permissions, Privileges, and Access Controls in PostgreSQL - CVE-2012-0866
Published: July 19, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU43839
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2012-0866
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
PostgreSQL
PostgreSQL
Software vendor:
PostgreSQL Global Development Group
PostgreSQL Global Development Group
Description
The vulnerability allows a remote #AU# to read and manipulate data.
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.
Remediation
Install update from vendor's website.
External links
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
- http://rhn.redhat.com/errata/RHSA-2012-0677.html
- http://rhn.redhat.com/errata/RHSA-2012-0678.html
- http://secunia.com/advisories/49272
- http://secunia.com/advisories/49273
- http://www.debian.org/security/2012/dsa-2418
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:027
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:092
- http://www.postgresql.org/about/news/1377/
- http://www.postgresql.org/docs/8.3/static/release-8-3-18.html
- http://www.postgresql.org/docs/8.4/static/release-8-4-11.html
- http://www.postgresql.org/docs/9.0/static/release-9-0-7.html
- http://www.postgresql.org/docs/9.1/static/release-9-1-3.html