Vulnerabilities > CVE-2006-5540 - Unspecified vulnerability in Postgresql
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN postgresql
nessus
Summary
backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."
Vulnerable Configurations
Nessus
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2007-0064.NASL description From Red Hat Security Advisory 2007:0064 : Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 67447 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67447 title Oracle Linux 3 / 4 : postgresql (ELSA-2007-0064) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0064 and # Oracle Linux Security Advisory ELSA-2007-0064 respectively. # include("compat.inc"); if (description) { script_id(67447); script_version("1.10"); script_cvs_date("Date: 2019/10/25 13:36:06"); script_cve_id("CVE-2006-5540", "CVE-2007-0555"); script_bugtraq_id(22387); script_xref(name:"RHSA", value:"2007:0064"); script_name(english:"Oracle Linux 3 / 4 : postgresql (ELSA-2007-0064)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2007:0064 : Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2007-February/000047.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2007-March/000096.html" ); script_set_attribute( attribute:"solution", value:"Update the affected postgresql packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:postgresql-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rh-postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/10/26"); script_set_attribute(attribute:"patch_publication_date", value:"2007/02/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 3 / 4", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-contrib-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-devel-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-docs-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-jdbc-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-libs-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-pl-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-python-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-server-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-tcl-7.3.18-1")) flag++; if (rpm_check(release:"EL3", cpu:"x86_64", reference:"rh-postgresql-test-7.3.18-1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-contrib-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-contrib-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-devel-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-devel-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-docs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-docs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-jdbc-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-jdbc-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-libs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-libs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-pl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-pl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-python-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-python-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-server-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-server-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-tcl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-tcl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"i386", reference:"postgresql-test-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"EL4", cpu:"x86_64", reference:"postgresql-test-7.4.16-1.RHEL4.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-devel / etc"); }NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-194.NASL description A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). Another DoS issue in PostgreSQL 7.4.x, 8.0.x, and 8.1.x allowed remote authenticated users to crash the daemon via a coercion of an unknown element to ANYARRAY (CVE-2006-5541). Finally, another vulnerability in 8.1.x could allow a remote authenticated user to cause a DoS related to duration logging of V3-protocol Execute message for COMMIT and ROLLBACK statements (CVE-2006-5542). This updated provides the latest 8.0.x and 8.1.x PostgreSQL versions and patches the version of PostgreSQL shipped with Corporate 3.0. After installing this upgrade, you will need to execute last seen 2020-06-01 modified 2020-06-02 plugin id 24579 published 2007-02-18 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24579 title Mandrake Linux Security Advisory : postgresql (MDKSA-2006:194) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2006:194. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(24579); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:48"); script_cve_id("CVE-2006-5540", "CVE-2006-5541", "CVE-2006-5542"); script_xref(name:"MDKSA", value:"2006:194"); script_name(english:"Mandrake Linux Security Advisory : postgresql (MDKSA-2006:194)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). Another DoS issue in PostgreSQL 7.4.x, 8.0.x, and 8.1.x allowed remote authenticated users to crash the daemon via a coercion of an unknown element to ANYARRAY (CVE-2006-5541). Finally, another vulnerability in 8.1.x could allow a remote authenticated user to cause a DoS related to duration logging of V3-protocol Execute message for COMMIT and ROLLBACK statements (CVE-2006-5542). This updated provides the latest 8.0.x and 8.1.x PostgreSQL versions and patches the version of PostgreSQL shipped with Corporate 3.0. After installing this upgrade, you will need to execute 'service postgresql restart' for it to take effect." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ecpg5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ecpg5-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pq4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64pq4-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libecpg5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libecpg5-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpq4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpq4-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-plperl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-plpgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-plpython"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-pltcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"patch_publication_date", value:"2006/10/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/18"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64ecpg5-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64ecpg5-devel-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64pq4-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"x86_64", reference:"lib64pq4-devel-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libecpg5-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libecpg5-devel-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libpq4-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", cpu:"i386", reference:"libpq4-devel-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-contrib-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-devel-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-docs-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-jdbc-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-pl-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-plperl-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-plpgsql-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-plpython-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-pltcl-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-server-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"postgresql-test-8.0.9-0.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64ecpg5-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64ecpg5-devel-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64pq4-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64pq4-devel-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libecpg5-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libecpg5-devel-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libpq4-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libpq4-devel-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-contrib-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-devel-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-docs-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-pl-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-plperl-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-plpgsql-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-plpython-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-pltcl-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-server-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"postgresql-test-8.1.5-1.1mdv2007.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0064.NASL description Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24319 published 2007-02-09 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/24319 title RHEL 3 / 4 : postgresql (RHSA-2007:0064) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0064. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(24319); script_version ("1.25"); script_cvs_date("Date: 2019/10/25 13:36:12"); script_cve_id("CVE-2006-5540", "CVE-2007-0555"); script_bugtraq_id(22387); script_xref(name:"RHSA", value:"2007:0064"); script_name(english:"RHEL 3 / 4 : postgresql (RHSA-2007:0064)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-5540" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-0555" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2007:0064" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rh-postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/10/26"); script_set_attribute(attribute:"patch_publication_date", value:"2007/02/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2007:0064"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-contrib-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-devel-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-docs-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-jdbc-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-libs-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-pl-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-python-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-server-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-tcl-7.3.18-1")) flag++; if (rpm_check(release:"RHEL3", reference:"rh-postgresql-test-7.3.18-1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-contrib-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-devel-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-docs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-jdbc-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-libs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-pl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-python-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-server-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-tcl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"RHEL4", reference:"postgresql-test-7.4.16-1.RHEL4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-devel / etc"); } }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0068.NASL description Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). Two flaws were found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit these issues (CVE-2007-0555, CVE-2007-0556). Several denial of service flaws were found in the PostgreSQL server. An authenticated user could execute certain SQL commands which could crash the PostgreSQL server (CVE-2006-5540, CVE-2006-5541, CVE-2006-5542). Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.8 which corrects these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 25315 published 2007-05-25 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/25315 title RHEL 5 : postgresql (RHSA-2007:0068) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0068. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(25315); script_version ("1.23"); script_cvs_date("Date: 2019/10/25 13:36:12"); script_cve_id("CVE-2006-5540", "CVE-2006-5541", "CVE-2006-5542", "CVE-2007-0555", "CVE-2007-0556"); script_bugtraq_id(22387); script_xref(name:"RHSA", value:"2007:0068"); script_name(english:"RHEL 5 : postgresql (RHSA-2007:0068)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). Two flaws were found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit these issues (CVE-2007-0555, CVE-2007-0556). Several denial of service flaws were found in the PostgreSQL server. An authenticated user could execute certain SQL commands which could crash the PostgreSQL server (CVE-2006-5540, CVE-2006-5541, CVE-2006-5542). Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.8 which corrects these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-5540" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-5541" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-5542" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-0555" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-0556" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2007:0068" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/10/26"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/05/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2007:0068"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-contrib-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-contrib-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-contrib-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"postgresql-devel-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-docs-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-docs-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-docs-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"postgresql-libs-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-pl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-pl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-pl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-python-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-python-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-python-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-server-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-server-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-server-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-tcl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-tcl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-tcl-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"postgresql-test-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"postgresql-test-8.1.8-1.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"postgresql-test-8.1.8-1.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-devel / etc"); } }NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-369-1.NASL description Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit this to crash the server backend. This update disables this construct, since it is not very well defined and forbidden by the SQL standard. Sergey Koposov discovered a flaw in the duration logging. This could cause a server crash under certain circumstances. Please note that these flaws can usually not be exploited through web and other applications that use a database and are exposed to untrusted input, so these flaws do not pose a threat in usual setups. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 27949 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27949 title Ubuntu 6.06 LTS : postgresql-8.1 vulnerabilities (USN-369-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-369-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(27949); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:01"); script_cve_id("CVE-2006-5540", "CVE-2006-5541", "CVE-2006-5542"); script_xref(name:"USN", value:"369-1"); script_name(english:"Ubuntu 6.06 LTS : postgresql-8.1 vulnerabilities (USN-369-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit this to crash the server backend. This update disables this construct, since it is not very well defined and forbidden by the SQL standard. Sergey Koposov discovered a flaw in the duration logging. This could cause a server crash under certain circumstances. Please note that these flaws can usually not be exploited through web and other applications that use a database and are exposed to untrusted input, so these flaws do not pose a threat in usual setups. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/369-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-compat2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpgtypes2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-contrib-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-doc-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts"); script_set_attribute(attribute:"patch_publication_date", value:"2006/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"6.06", pkgname:"libecpg-compat2", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"libecpg-dev", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"libecpg5", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"libpgtypes2", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"libpq-dev", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"libpq4", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-client-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-contrib-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-doc-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-plperl-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-plpython-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-pltcl-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"postgresql-server-dev-8.1", pkgver:"8.1.4-0ubuntu1.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libecpg-compat2 / libecpg-dev / libecpg5 / libpgtypes2 / libpq-dev / etc"); }NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-369-2.NASL description USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. (CVE-2006-5541) Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit this to crash the server backend. This update disables this construct, since it is not very well defined and forbidden by the SQL standard. (CVE-2006-5540) Sergey Koposov discovered a flaw in the duration logging. This could cause a server crash under certain circumstances. (CVE-2006-5542) Please note that these flaws can usually not be exploited through web and other applications that use a database and are exposed to untrusted input, so these flaws do not pose a threat in usual setups. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 27950 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27950 title Ubuntu 6.10 : postgresql-8.1 vulnerabilities (USN-369-2) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-369-2. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(27950); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:01"); script_cve_id("CVE-2006-5540", "CVE-2006-5541", "CVE-2006-5542"); script_xref(name:"USN", value:"369-2"); script_name(english:"Ubuntu 6.10 : postgresql-8.1 vulnerabilities (USN-369-2)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. (CVE-2006-5541) Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit this to crash the server backend. This update disables this construct, since it is not very well defined and forbidden by the SQL standard. (CVE-2006-5540) Sergey Koposov discovered a flaw in the duration logging. This could cause a server crash under certain circumstances. (CVE-2006-5542) Please note that these flaws can usually not be exploited through web and other applications that use a database and are exposed to untrusted input, so these flaws do not pose a threat in usual setups. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/369-2/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-compat2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpgtypes2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-contrib-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-doc-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-8.1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10"); script_set_attribute(attribute:"patch_publication_date", value:"2006/11/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(6\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"6.10", pkgname:"libecpg-compat2", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"libecpg-dev", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"libecpg5", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"libpgtypes2", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"libpq-dev", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"libpq4", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-client-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-contrib-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-doc-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-plperl-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-plpython-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-pltcl-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"postgresql-server-dev-8.1", pkgver:"8.1.4-7ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libecpg-compat2 / libecpg-dev / libecpg5 / libpgtypes2 / libpq-dev / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_POSTGRESQL-2276.NASL description The SQL Server PostgreSQL has been updated to fix the following security problems : - backend/parser/analyze.c in PostgreSQL 8.1.x allowed remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a last seen 2020-06-01 modified 2020-06-02 plugin id 29557 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29557 title SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 2276) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(29557); script_version ("1.14"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_cve_id("CVE-2006-5540", "CVE-2006-5541", "CVE-2006-5542"); script_name(english:"SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 2276)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "The SQL Server PostgreSQL has been updated to fix the following security problems : - backend/parser/analyze.c in PostgreSQL 8.1.x allowed remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a 'MIN/MAX index optimization.'. (CVE-2006-5540) - backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, 8.0.x before 8.0.9, and 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via a coercion of an unknown element to ANYARRAY. (CVE-2006-5541) - backend/tcop/postgres.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) related to duration logging of V3-protocol Execute messages for (1) COMMIT and (2) ROLLBACK SQL statements. (CVE-2006-5542)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2006-5540.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2006-5541.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2006-5542.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 2276."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/11/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:0, reference:"postgresql-devel-8.1.4-1.6")) flag++; if (rpm_check(release:"SLED10", sp:0, reference:"postgresql-libs-8.1.4-1.6")) flag++; if (rpm_check(release:"SLED10", sp:0, cpu:"x86_64", reference:"postgresql-libs-32bit-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-contrib-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-devel-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-docs-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-libs-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-pl-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, reference:"postgresql-server-8.1.4-1.6")) flag++; if (rpm_check(release:"SLES10", sp:0, cpu:"x86_64", reference:"postgresql-libs-32bit-8.1.4-1.6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else exit(0, "The host is not affected.");NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2007-0064.NASL description Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24290 published 2007-02-09 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/24290 title CentOS 3 / 4 : postgresql (CESA-2007:0064) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0064 and # CentOS Errata and Security Advisory 2007:0064 respectively. # include("compat.inc"); if (description) { script_id(24290); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:03"); script_cve_id("CVE-2006-5540", "CVE-2007-0555"); script_bugtraq_id(22387); script_xref(name:"RHSA", value:"2007:0064"); script_name(english:"CentOS 3 / 4 : postgresql (CESA-2007:0064)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute a SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues." ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013509.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1b259e7c" ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013510.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?d826beb2" ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013512.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?294b2bff" ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013514.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8e935b23" ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013519.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?68a7d011" ); # https://lists.centos.org/pipermail/centos-announce/2007-February/013520.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?184cfa4b" ); script_set_attribute( attribute:"solution", value:"Update the affected postgresql packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:postgresql-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-jdbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-tcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:rh-postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/10/26"); script_set_attribute(attribute:"patch_publication_date", value:"2007/02/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x / 4.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-contrib-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-devel-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-docs-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-jdbc-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-libs-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-pl-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-python-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-server-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-tcl-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-3", reference:"rh-postgresql-test-7.3.18-1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-contrib-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-devel-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-docs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-jdbc-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-libs-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-pl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-python-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-server-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-tcl-7.4.16-1.RHEL4.1")) flag++; if (rpm_check(release:"CentOS-4", reference:"postgresql-test-7.4.16-1.RHEL4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-devel / etc"); }
Oval
| accepted | 2013-04-29T04:13:58.930-04:00 | ||||||||||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||||||||||
| description | backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization." | ||||||||||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:11425 | ||||||||||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||||||||||
| title | backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization." | ||||||||||||||||||||||||||||||||
| version | 27 |
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- http://projects.commandprompt.com/public/pgsql/changeset/25504
- http://www.postgresql.org/about/news.664
- http://www.ubuntu.com/usn/usn-369-1
- http://www.securityfocus.com/bid/20717
- http://secunia.com/advisories/22562
- http://secunia.com/advisories/22584
- http://www.trustix.org/errata/2006/0059/
- http://securitytracker.com/id?1017115
- http://secunia.com/advisories/22636
- http://secunia.com/advisories/22606
- http://www.ubuntu.com/usn/usn-369-2
- http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html
- http://www.novell.com/linux/security/advisories/2006_27_sr.html
- http://secunia.com/advisories/23048
- http://secunia.com/advisories/23132
- http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
- http://www.redhat.com/support/errata/RHSA-2007-0064.html
- http://www.redhat.com/support/errata/RHSA-2007-0067.html
- http://www.redhat.com/support/errata/RHSA-2007-0068.html
- http://secunia.com/advisories/24094
- http://secunia.com/advisories/24577
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:194
- ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
- http://secunia.com/advisories/24284
- http://www.vupen.com/english/advisories/2006/4182
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11425