Posts Tagged ‘Postgresql’

PostgreSQL vulnerability

[USN-753-1] PostgreSQL vulnerability

<!– Envelope-to: email@address Delivery-date: Tue, 07 Apr 2009 18:36:12 +0100 Received: from outgoing.securityfocus.com ([205.206.231.27] helo=outgoing3.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LrFDX-00055K-TP for email@address; Tue, 07 Apr 2009 18:36:12 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing3.securityfocus.com (Postfix) with QMQP id DE1F223736A; Tue, 7 Apr 2009 10:33:59 -0600 (MDT) Mailing-List: contact [...]

PostgreSQL vulnerability

[USN-753-1] PostgreSQL vulnerability

Posted by Marc Deslauriers on Apr 07

=========================================================== Ubuntu Security Notice USN-753-1 April 07, 2009 postgresql-8.1, postgresql-8.3 vulnerability CVE-2009-0922 ===========================================================
A security issue affects the following Ubuntu…
URL: http://seclists.org/fulldisclosure/2009/Apr/0058.html

Next-gen SQL injection opens server door

Next-gen SQL injection opens server door

A vulnerability estimated to affect more than 1 in 10 websites could go lethal with the finding that it can be used to reliably take complete control of the site’s underlying server.
Research to be presented at the Black Hat security conference in Amsterdam later this month will show how so-called [...]

[ MDVSA-2009:079 ] postgresql

Bugtraq: [ MDVSA-2009:079 ] postgresql

[ MDVSA-2009:079 ] postgresql
URL: http://www.securityfocus.com/archive/1/502056

postgresql

[ MDVSA-2009:079 ] postgresql

Posted by security_at_mandriva.com on Mar 23

 _______________________________________________________________________
 Mandriva Linux Security Advisory MDVSA-2009:079  http://www.mandriva.com/security/  _______________________________________________________________________
 Package :…
URL: http://seclists.org/fulldisclosure/2009/Mar/0322.html

PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability

Vuln: PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability

PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
URL: http://www.securityfocus.com/bid/34090

0922 (postgresql)

CVE-2009-0922 (postgresql)

PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0922