Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-6600
Description:PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.
Test IDs: 1.3.6.1.4.1.25623.1.0.60154   1.3.6.1.4.1.25623.1.0.66478   1.3.6.1.4.1.25623.1.0.60373   1.3.6.1.4.1.25623.1.0.65729   1.3.6.1.4.1.25623.1.0.60180   1.3.6.1.4.1.25623.1.0.66681   1.3.6.1.4.1.25623.1.0.60158   1.3.6.1.4.1.25623.1.0.60178   1.3.6.1.4.1.25623.1.0.66611   1.3.6.1.4.1.25623.1.0.65730   1.3.6.1.4.1.25623.1.0.64851   1.3.6.1.4.1.25623.1.0.64850   1.3.6.1.4.1.25623.1.0.880949   1.3.6.1.4.1.25623.1.0.880695   1.3.6.1.4.1.25623.1.0.880858  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-6600
BugTraq ID: 27163
http://www.securityfocus.com/bid/27163
Bugtraq: 20080107 PostgreSQL 2007-01-07 Cumulative Security Release (Google Search)
http://www.securityfocus.com/archive/1/485864/100/0/threaded
Bugtraq: 20080115 rPSA-2008-0016-1 postgresql postgresql-server (Google Search)
http://www.securityfocus.com/archive/1/486407/100/0/threaded
Debian Security Information: DSA-1460 (Google Search)
http://www.debian.org/security/2008/dsa-1460
Debian Security Information: DSA-1463 (Google Search)
http://www.debian.org/security/2008/dsa-1463
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
http://security.gentoo.org/glsa/glsa-200801-15.xml
HPdes Security Advisory: HPSBTU02325
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
HPdes Security Advisory: SSRT080006
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10493
RedHat Security Advisories: RHSA-2008:0038
http://www.redhat.com/support/errata/RHSA-2008-0038.html
RedHat Security Advisories: RHSA-2008:0039
http://www.redhat.com/support/errata/RHSA-2008-0039.html
RedHat Security Advisories: RHSA-2008:0040
http://www.redhat.com/support/errata/RHSA-2008-0040.html
http://securitytracker.com/id?1019157
http://secunia.com/advisories/28359
http://secunia.com/advisories/28376
http://secunia.com/advisories/28437
http://secunia.com/advisories/28438
http://secunia.com/advisories/28445
http://secunia.com/advisories/28454
http://secunia.com/advisories/28455
http://secunia.com/advisories/28464
http://secunia.com/advisories/28477
http://secunia.com/advisories/28479
http://secunia.com/advisories/28679
http://secunia.com/advisories/28698
http://secunia.com/advisories/29638
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
SuSE Security Announcement: SUSE-SA:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
https://usn.ubuntu.com/568-1/
http://www.vupen.com/english/advisories/2008/0061
http://www.vupen.com/english/advisories/2008/0109
http://www.vupen.com/english/advisories/2008/1071/references
XForce ISS Database: postgresql-indexfunctions-priv-escalation(39496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39496




© 1998-2024 E-Soft Inc. All rights reserved.