CVE-2007-6601

{"id": "CVE-2007-6601", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-09T21:46:00.000", "references": [{"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28359", "tags": ["Not Applicable", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28376", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28437", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28438", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28445", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28454", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28455", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28464", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28477", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28479", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28679", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28698", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/29638", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200801-15.xml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1019157", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2008/dsa-1460", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2008/dsa-1463", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.postgresql.org/about/news.905", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0039.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27163", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0061", "tags": ["Permissions Required"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0109", "tags": ["Permissions Required", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1071/references", "tags": ["Permissions Required"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39500", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://issues.rpath.com/browse/RPL-1768", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/568-1/", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278."}, {"lang": "es", "value": "El m\u00f3dulo DBLink en PostgreSQL 8.2 anterior a 8.2.6, 8.1 anterior a 8.1.11, 8.0 anterior a 8.0.15, 7.4 anterior a 7.4.19, y 7.3 anterior a 7.3.21, cuando locales de confianza o identidades de autenticaci\u00f3n son utilizadas, permite a atacantes remotos ganar privlegios a trav\u00e9s de vectores no especificados. NOTA: este asunto existe a causa de un parche incompleto para CVE-2007-3278."}], "lastModified": "2023-01-18T21:19:30.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69279942-4D12-4924-96BE-EE42CEE8C6D4", "versionEndExcluding": "7.3.21", "versionStartIncluding": "7.3.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2A8D367-7B80-43B1-88CF-773792A01CCB", "versionEndExcluding": "7.4.19", "versionStartIncluding": "7.4.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44129F9A-F9CC-46A8-95AD-30573220DC70", "versionEndExcluding": "8.0.15", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC070BF-4154-4686-A5E0-6A8E942DAFDF", "versionEndExcluding": "8.1.11", "versionStartIncluding": "8.1.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "809B71BC-405A-4696-ABFA-91BD4F3AE784", "versionEndExcluding": "8.2.6", "versionStartIncluding": "8.2.0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3EFD171-01F7-450B-B6F3-0F7E443A2337"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}