Vulnerabilities > CVE-2007-4772 - Resource Management Errors vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0134.NASL description Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk last seen 2020-06-01 modified 2020-06-02 plugin id 31139 published 2008-02-25 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31139 title CentOS 3 : tcltk (CESA-2008:0134) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0134.NASL description Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk last seen 2020-06-01 modified 2020-06-02 plugin id 31160 published 2008-02-25 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31160 title RHEL 2.1 / 3 : tcltk (RHSA-2008:0134) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_51436B4C125011DDBAB70016179B2DD5.NASL description The PostgreSQL developers report : PostgreSQL allows users to create indexes on the results of user-defined functions, known as last seen 2020-06-01 modified 2020-06-02 plugin id 32063 published 2008-04-28 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/32063 title FreeBSD : postgresql -- multiple vulnerabilities (51436b4c-1250-11dd-bab7-0016179b2dd5) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-004.NASL description Index Functions Privilege Escalation (CVE-2007-6600): as a unique feature, PostgreSQL allows users to create indexes on the results of user-defined functions, known as expression indexes. This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Regular Expression Denial-of-Service (CVE-2007-4772, CVE-2007-6067, CVE-2007-4769): three separate issues in the regular expression libraries used by PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend. DBLink Privilege Escalation (CVE-2007-6601): DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle (see CVE-2007-3278), but that patch failed to close all forms of the loophole. Updated packages fix these issues by upgrading to the latest maintenance versions of PostgreSQL. last seen 2020-06-01 modified 2020-06-02 plugin id 38083 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38083 title Mandriva Linux Security Advisory : postgresql (MDVSA-2008:004) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1460.NASL description Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This issue is also tracked as CVE-2007-6601, since the initial upstream fix was incomplete. - CVE-2007-4769 Tavis Ormandy and Will Drewry discovered that a bug in the handling of back-references inside the regular expressions engine could lead to an out of bounds read, resulting in a crash. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-4772 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into an infinite loop, resulting in denial of service. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6067 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked massive resource consumption. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6600 Functions in index expressions could lead to privilege escalation. For a more in depth explanation please see the upstream announce available at http://www.postgresql.org/about/news.905. last seen 2020-06-01 modified 2020-06-02 plugin id 29937 published 2008-01-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29937 title Debian DSA-1460-1 : postgresql-8.1 - several vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0539-1.NASL description This update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix last seen 2020-06-01 modified 2020-06-02 plugin id 88891 published 2016-02-23 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88891 title SUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2016:0539-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1463.NASL description Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This issue is also tracked as CVE-2007-6601, since the initial upstream fix was incomplete. - CVE-2007-4769 Tavis Ormandy and Will Drewry discovered that a bug in the handling of back-references inside the regular expressions engine could lead to an out of bounds read, resulting in a crash. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-4772 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into an infinite loop, resulting in denial of service. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6067 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked massive resource consumption. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6600 Functions in index expressions could lead to privilege escalation. For a more in depth explanation please see the upstream announce available at http://www.postgresql.org/about/news.905. last seen 2020-06-01 modified 2020-06-02 plugin id 29968 published 2008-01-15 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29968 title Debian DSA-1463-1 : postgresql-7.4 - several vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-568-1.NASL description Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. (CVE-2007-3278, CVE-2007-6601) It was discovered that the TCL regular expression parser used by PostgreSQL did not properly check its input. An attacker could send crafted regular expressions to PostgreSQL and cause a denial of service via resource exhaustion or database crash. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) It was discovered that PostgreSQL executed VACUUM and ANALYZE operations within index functions with superuser privileges and also allowed SET ROLE and SET SESSION AUTHORIZATION within index functions. A remote authenticated user could exploit these flaws to gain privileges. (CVE-2007-6600). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 29978 published 2008-01-15 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29978 title Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : postgresql vulnerabilities (USN-568-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0555-1.NASL description This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix last seen 2020-06-01 modified 2020-06-02 plugin id 88948 published 2016-02-25 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88948 title SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2016:0555-1) NASL family Scientific Linux Local Security Checks NASL id SL_20130108_TCL_ON_SL5_X.NASL description Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : - Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. last seen 2020-03-18 modified 2013-01-17 plugin id 63605 published 2013-01-17 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63605 title Scientific Linux Security Update : tcl on SL5.x i386/x86_64 (20130108) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0134.NASL description From Red Hat Security Advisory 2008:0134 : Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk last seen 2020-06-01 modified 2020-06-02 plugin id 67653 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67653 title Oracle Linux 3 : tcltk (ELSA-2008-0134) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2013-0122.NASL description Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 63567 published 2013-01-17 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63567 title CentOS 5 : tcl (CESA-2013:0122) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2013-0122.NASL description From Red Hat Security Advisory 2013:0122 : Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 68693 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68693 title Oracle Linux 5 : tcl (ELSA-2013-0122) NASL family Fedora Local Security Checks NASL id FEDORA_2008-0478.NASL description - Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1 - Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 - Make initscript and pam config files be installed unconditionally; seems new buildroots don last seen 2020-06-01 modified 2020-06-02 plugin id 29944 published 2008-01-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29944 title Fedora 8 : postgresql-8.2.6-1.fc8 (2008-0478) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0038.NASL description Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL last seen 2020-06-01 modified 2020-06-02 plugin id 29933 published 2008-01-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29933 title CentOS 4 / 5 : postgresql (CESA-2008:0038) NASL family SuSE Local Security Checks NASL id SUSE_POSTGRESQL-4962.NASL description This version update to 7.4.19 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772 / CVE-2007-6067 / CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 last seen 2020-06-01 modified 2020-06-02 plugin id 30199 published 2008-02-06 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30199 title SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 4962) NASL family Scientific Linux Local Security Checks NASL id SL_20080221_TCLTK_ON_SL3_X.NASL description An input validation flaw was discovered in Tk last seen 2020-06-01 modified 2020-06-02 plugin id 60362 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60362 title Scientific Linux Security Update : tcltk on SL3.x i386/x86_64 NASL family SuSE Local Security Checks NASL id SUSE9_12065.NASL description This version update to 8.1.11 fixes among other things, several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 last seen 2020-06-01 modified 2020-06-02 plugin id 41193 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41193 title SuSE9 Security Update : postgresql (YOU Patch Number 12065) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0038.NASL description From Red Hat Security Advisory 2008:0038 : Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL last seen 2020-06-01 modified 2020-06-02 plugin id 67638 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67638 title Oracle Linux 4 / 5 : postgresql (ELSA-2008-0038) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2008-0009.NASL description a. VMware Tools Local Privilege Escalation on Windows-based guest OS The VMware Tools Package provides support required for shared folders (HGFS) and other features. An input validation error is present in the Windows-based VMware HGFS.sys driver. Exploitation of this flaw might result in arbitrary code execution on the guest system by an unprivileged guest user. It doesn last seen 2020-06-01 modified 2020-06-02 plugin id 40378 published 2009-07-27 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40378 title VMSA-2008-0009 : Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-271.NASL description This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix last seen 2020-06-05 modified 2016-02-26 plugin id 88980 published 2016-02-26 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88980 title openSUSE Security Update : postgresql94 (openSUSE-2016-271) NASL family SuSE Local Security Checks NASL id SUSE_POSTGRESQL-4955.NASL description This version update to 8.2.6 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 last seen 2020-06-01 modified 2020-06-02 plugin id 30251 published 2008-02-11 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30251 title openSUSE 10 Security Update : postgresql (postgresql-4955) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-0677-1.NASL description This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix last seen 2020-06-01 modified 2020-06-02 plugin id 89730 published 2016-03-08 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/89730 title SUSE SLED11 / SLES11 Security Update : postgresql94 (SUSE-SU-2016:0677-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2013-0122.NASL description Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 63405 published 2013-01-08 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/63405 title RHEL 5 : tcl (RHSA-2013:0122) NASL family SuSE Local Security Checks NASL id SUSE_POSTGRESQL-4958.NASL description This version update to 8.1.11 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601 last seen 2020-06-01 modified 2020-06-02 plugin id 30198 published 2008-02-06 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30198 title openSUSE 10 Security Update : postgresql (postgresql-4958) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-253.NASL description This update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, boo#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, boo#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix last seen 2020-06-05 modified 2016-02-24 plugin id 88926 published 2016-02-24 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88926 title openSUSE Security Update : postgresql93 (openSUSE-2016-253) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0038.NASL description Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL last seen 2020-06-01 modified 2020-06-02 plugin id 29955 published 2008-01-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29955 title RHEL 4 / 5 : postgresql (RHSA-2008:0038) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200801-15.NASL description The remote host is affected by the vulnerability described in GLSA-200801-15 (PostgreSQL: Multiple vulnerabilities) If using the last seen 2020-06-01 modified 2020-06-02 plugin id 30120 published 2008-01-29 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/30120 title GLSA-200801-15 : PostgreSQL: Multiple vulnerabilities NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-059.NASL description A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server last seen 2020-06-01 modified 2020-06-02 plugin id 36516 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36516 title Mandriva Linux Security Advisory : tcl (MDVSA-2008:059) NASL family Fedora Local Security Checks NASL id FEDORA_2008-0552.NASL description - Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1 - Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 - Make initscript and pam config files be installed unconditionally; seems new buildroots don last seen 2020-06-01 modified 2020-06-02 plugin id 29948 published 2008-01-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/29948 title Fedora 7 : postgresql-8.2.6-1.fc7 (2008-0552) NASL family Scientific Linux Local Security Checks NASL id SL_20080111_POSTGRESQL_ON_SL3_X.NASL description Will Drewry discovered multiple flaws in PostgreSQL last seen 2020-06-01 modified 2020-06-02 plugin id 60343 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60343 title Scientific Linux Security Update : postgresql on SL3.x, SL4.x, SL5.x i386/x86_64
Oval
accepted | 2013-04-29T04:14:44.715-04:00 | ||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||||||
description | The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression. | ||||||||||||||||||||||||||||||||
family | unix | ||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:11569 | ||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||
submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||||||||||||||
title | The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression. | ||||||||||||||||||||||||||||||||
version | 28 |
Redhat
advisories |
| ||||||||||||||||
rpms |
|
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
- http://rhn.redhat.com/errata/RHSA-2013-0122.html
- http://secunia.com/advisories/28359
- http://secunia.com/advisories/28376
- http://secunia.com/advisories/28437
- http://secunia.com/advisories/28438
- http://secunia.com/advisories/28454
- http://secunia.com/advisories/28455
- http://secunia.com/advisories/28464
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479
- http://secunia.com/advisories/28679
- http://secunia.com/advisories/28698
- http://secunia.com/advisories/29070
- http://secunia.com/advisories/29248
- http://secunia.com/advisories/29638
- http://secunia.com/advisories/30535
- http://security.gentoo.org/glsa/glsa-200801-15.xml
- http://securitytracker.com/id?1019157
- http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
- http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
- http://www.debian.org/security/2008/dsa-1460
- http://www.debian.org/security/2008/dsa-1463
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:059
- http://www.postgresql.org/about/news.905
- http://www.redhat.com/support/errata/RHSA-2008-0038.html
- http://www.redhat.com/support/errata/RHSA-2008-0040.html
- http://www.redhat.com/support/errata/RHSA-2008-0134.html
- http://www.securityfocus.com/archive/1/485864/100/0/threaded
- http://www.securityfocus.com/archive/1/486407/100/0/threaded
- http://www.securityfocus.com/archive/1/493080/100/0/threaded
- http://www.securityfocus.com/bid/27163
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html
- http://www.vupen.com/english/advisories/2008/0061
- http://www.vupen.com/english/advisories/2008/0109
- http://www.vupen.com/english/advisories/2008/1071/references
- http://www.vupen.com/english/advisories/2008/1744
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39497
- https://issues.rpath.com/browse/RPL-1768
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569
- https://usn.ubuntu.com/568-1/
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
- https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html