The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
18 Jan 2023, 21:19
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0039.html - Third Party Advisory | |
References | (GENTOO) http://security.gentoo.org/glsa/glsa-200801-15.xml - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/27163 - Patch, Third Party Advisory, VDB Entry | |
References | (DEBIAN) http://www.debian.org/security/2008/dsa-1463 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/28454 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/28445 - Not Applicable | |
References | (CONFIRM) http://www.postgresql.org/about/news.905 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/28455 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/28438 - Not Applicable | |
References | (VUPEN) http://www.vupen.com/english/advisories/2008/1071/references - Permissions Required | |
References | (HP) http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0040.html - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/28679 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/29638 - Not Applicable | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2008/dsa-1460 - Third Party Advisory | |
References | (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1 - Broken Link | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0038.html - Third Party Advisory | |
References | (VUPEN) http://www.vupen.com/english/advisories/2008/0109 - Permissions Required, Third Party Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/486407/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://issues.rpath.com/browse/RPL-1768 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/28698 - Not Applicable | |
References | (UBUNTU) https://usn.ubuntu.com/568-1/ - Broken Link | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127 - Broken Link | |
References | (SECTRACK) http://securitytracker.com/id?1019157 - Broken Link, Third Party Advisory, VDB Entry | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/39500 - Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2008/0061 - Permissions Required | |
References | (SECUNIA) http://secunia.com/advisories/28437 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/28359 - Not Applicable, Vendor Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/485864/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/28464 - Not Applicable | |
References | (SUNALERT) http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1 - Broken Link | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2008:004 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/28376 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/28479 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/28477 - Not Applicable | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html - Broken Link | |
First Time |
Debian
Debian debian Linux Fedoraproject Fedoraproject fedora |
|
CPE | cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.317:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.15:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.16:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.19:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:* |
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* |
Information
Published : 2008-01-09 21:46
Updated : 2023-12-10 10:40
NVD link : CVE-2007-6601
Mitre link : CVE-2007-6601
CVE.ORG link : CVE-2007-6601
JSON object : View
Products Affected
fedoraproject
- fedora
postgresql
- postgresql
debian
- debian_linux
CWE
CWE-287
Improper Authentication