PostgreSQL: Multiple vulnerabilities

Security Team Contact Address

Updated February 07, 2005

1. Gentoo Linux Security Advisory

Advisory Reference	GLSA 200502-08 / postgresql
Release Date	February 07, 2005
Latest Revision	June 26, 2007: 06
Impact	normal
Exploitable	remote and local

Package	Vulnerable versions	Unaffected versions	Architecture(s)
dev-db/postgresql	< 7.3.10, < 7.4.7, < 8.0.1	= 7.3, = 7.4, >= 8.0.1	All supported architectures

Related bugreports: #80342

Synopsis

PostgreSQL contains several vulnerabilities which could lead to execution of arbitrary code, Denial of Service and security bypass.

2. Impact Information

Background

PostgreSQL is a SQL compliant, open source object-relational database management system.

Description

PostgreSQL's contains several vulnerabilities:

John Heasman discovered that the LOAD extension is vulnerable to local privilege escalation (CAN-2005-0227).
It is possible to bypass the EXECUTE permission check for functions (CAN-2005-0244).
The PL/PgSQL parser is vulnerable to heap-based buffer overflow (CAN-2005-0244).
The intagg contrib module is vulnerable to a Denial of Service (CAN-2005-0246).

Impact

An attacker could exploit this to execute arbitrary code with the privileges of the PostgreSQL server, bypass security restrictions and crash the server.

3. Resolution Information

Workaround

There is no know workaround at this time.

Resolution

All PostgreSQL users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose dev-db/postgresql

4. References