CVE-2007-4772 - Resource Management Errors vulnerability in multiple products

CVSS 4.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: SINGLE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
Tags: network, low complexity, postgresql, tcl, debian, canonical, CWE-399, nessus

Summary

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

Vulnerable Configurations

Part         Description  Count
Application  Postgresql   53
Application  Tcl          57
OS           Debian       1
OS           Canonical    4

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2008-0134.NASL
    description: Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 31139
    published: 2008-02-25
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/31139
    title: CentOS 3 : tcltk (CESA-2008:0134)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0134.NASL
    description: Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 31160
    published: 2008-02-25
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/31160
    title: RHEL 2.1 / 3 : tcltk (RHSA-2008:0134)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_51436B4C125011DDBAB70016179B2DD5.NASL
    description: The PostgreSQL developers report : PostgreSQL allows users to create indexes on the results of user-defined functions, known as
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 32063
    published: 2008-04-28
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/32063
    title: FreeBSD : postgresql -- multiple vulnerabilities (51436b4c-1250-11dd-bab7-0016179b2dd5)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2008-004.NASL
    description: Index Functions Privilege Escalation (CVE-2007-6600): as a unique feature, PostgreSQL allows users to create indexes on the results of user-defined functions, known as expression indexes. This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Regular Expression Denial-of-Service (CVE-2007-4772, CVE-2007-6067, CVE-2007-4769): three separate issues in the regular expression libraries used by PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend. DBLink Privilege Escalation (CVE-2007-6601): DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle (see CVE-2007-3278), but that patch failed to close all forms of the loophole. Updated packages fix these issues by upgrading to the latest maintenance versions of PostgreSQL.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38083
    published: 2009-04-23
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/38083
    title: Mandriva Linux Security Advisory : postgresql (MDVSA-2008:004)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1460.NASL
    description: Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This issue is also tracked as CVE-2007-6601, since the initial upstream fix was incomplete. - CVE-2007-4769 Tavis Ormandy and Will Drewry discovered that a bug in the handling of back-references inside the regular expressions engine could lead to an out of bounds read, resulting in a crash. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-4772 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into an infinite loop, resulting in denial of service. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6067 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into massive resource consumption. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6600 Functions in index expressions could lead to privilege escalation. For a more in depth explanation please see the upstream announce available at http://www.postgresql.org/about/news.905.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29937
    published: 2008-01-14
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29937
    title: Debian DSA-1460-1 : postgresql-8.1 - several vulnerabilities
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-0539-1.NASL
    description: This update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88891
    published: 2016-02-23
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88891
    title: SUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2016:0539-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1463.NASL
    description: Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3278 It was discovered that the DBLink module performed insufficient credential validation. This issue is also tracked as CVE-2007-6601, since the initial upstream fix was incomplete. - CVE-2007-4769 Tavis Ormandy and Will Drewry discovered that a bug in the handling of back-references inside the regular expressions engine could lead to an out of bounds read, resulting in a crash. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-4772 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into an infinite loop, resulting in denial of service. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6067 Tavis Ormandy and Will Drewry discovered that the optimizer for regular expression could be tricked into massive resource consumption. This constitutes only a security problem if an application using PostgreSQL processes regular expressions from untrusted sources. - CVE-2007-6600 Functions in index expressions could lead to privilege escalation. For a more in depth explanation please see the upstream announce available at http://www.postgresql.org/about/news.905.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29968
    published: 2008-01-15
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29968
    title: Debian DSA-1463-1 : postgresql-7.4 - several vulnerabilities
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-568-1.NASL
    description: Nico Leidecker discovered that PostgreSQL did not properly restrict dblink functions. An authenticated user could exploit this flaw to access arbitrary accounts and execute arbitrary SQL queries. (CVE-2007-3278, CVE-2007-6601) It was discovered that the TCL regular expression parser used by PostgreSQL did not properly check its input. An attacker could send crafted regular expressions to PostgreSQL and cause a denial of service via resource exhaustion or database crash. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) It was discovered that PostgreSQL executed VACUUM and ANALYZE operations within index functions with superuser privileges and also allowed SET ROLE and SET SESSION AUTHORIZATION within index functions. A remote authenticated user could exploit these flaws to gain privileges. (CVE-2007-6600). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29978
    published: 2008-01-15
    reporter: Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29978
    title: Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : postgresql vulnerabilities (USN-568-1)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-0555-1.NASL
    description: This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 88948
    published: 2016-02-25
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88948
    title: SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2016:0555-1)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20130108_TCL_ON_SL5_X.NASL
    description: Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : - Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command.
    last seen: 2020-03-18
    modified: 2013-01-17
    plugin id: 63605
    published: 2013-01-17
    reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63605
    title: Scientific Linux Security Update : tcl on SL5.x i386/x86_64 (20130108)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2008-0134.NASL
    description: From Red Hat Security Advisory 2008:0134 : Updated tcltk packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tcl is a scripting language designed for embedding into other applications and for use with Tk, a widget set. An input validation flaw was discovered in Tk
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67653
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67653
    title: Oracle Linux 3 : tcltk (ELSA-2008-0134)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2013-0122.NASL
    description: Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63567
    published: 2013-01-17
    reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63567
    title: CentOS 5 : tcl (CESA-2013:0122)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2013-0122.NASL
    description: From Red Hat Security Advisory 2013:0122 : Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 68693
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/68693
    title: Oracle Linux 5 : tcl (ELSA-2013-0122)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2008-0478.NASL
    description: - Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1 - Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 - Make initscript and pam config files be installed unconditionally; seems new buildroots don
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29944
    published: 2008-01-14
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29944
    title: Fedora 8 : postgresql-8.2.6-1.fc8 (2008-0478)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2008-0038.NASL
    description: Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29933
    published: 2008-01-14
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29933
    title: CentOS 4 / 5 : postgresql (CESA-2008:0038)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_POSTGRESQL-4962.NASL
    description: This version update to 7.4.19 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772 / CVE-2007-6067 / CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 30199
    published: 2008-02-06
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/30199
    title: SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 4962)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20080221_TCLTK_ON_SL3_X.NASL
    description: An input validation flaw was discovered in Tk
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60362
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60362
    title: Scientific Linux Security Update : tcltk on SL3.x i386/x86_64
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE9_12065.NASL
    description: This version update to 8.1.11 fixes among other things, several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 41193
    published: 2009-09-24
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/41193
    title: SuSE9 Security Update : postgresql (YOU Patch Number 12065)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2008-0038.NASL
    description: From Red Hat Security Advisory 2008:0038 : Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67638
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67638
    title: Oracle Linux 4 / 5 : postgresql (ELSA-2008-0038)
  • NASL family: VMware ESX Local Security Checks
    NASL id: VMWARE_VMSA-2008-0009.NASL
    description: a. VMware Tools Local Privilege Escalation on Windows-based guest OS The VMware Tools Package provides support required for shared folders (HGFS) and other features. An input validation error is present in the Windows-based VMware HGFS.sys driver. Exploitation of this flaw might result in arbitrary code execution on the guest system by an unprivileged guest user. It doesn
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40378
    published: 2009-07-27
    reporter: This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/40378
    title: VMSA-2008-0009 : Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-271.NASL
    description: This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen: 2020-06-05
    modified: 2016-02-26
    plugin id: 88980
    published: 2016-02-26
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88980
    title: openSUSE Security Update : postgresql94 (openSUSE-2016-271)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_POSTGRESQL-4955.NASL
    description: This version update to 8.2.6 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 30251
    published: 2008-02-11
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/30251
    title: openSUSE 10 Security Update : postgresql (postgresql-4955)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-0677-1.NASL
    description: This update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89730
    published: 2016-03-08
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/89730
    title: SUSE SLED11 / SLES11 Security Update : postgresql94 (SUSE-SU-2016:0677-1)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2013-0122.NASL
    description: Updated tcl packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. When paired with the Tk toolkit, Tcl provides a fast and powerful way to create cross-platform GUI applications. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially crafted regular expression, it would lead to excessive CPU and memory consumption. (CVE-2007-4772, CVE-2007-6067) This update also fixes the following bug : * Due to a suboptimal implementation of threading in the current version of the Tcl language interpreter, an attempt to use threads in combination with fork in a Tcl script could cause the script to stop responding. At the moment, it is not possible to rewrite the source code or drop support for threading entirely. Consequent to this, this update provides a version of Tcl without threading support in addition to the standard version with this support. Users who need to use fork in their Tcl scripts and do not require threading can now switch to the version without threading support by using the alternatives command. (BZ#478961) All users of Tcl are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 63405
    published: 2013-01-08
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/63405
    title: RHEL 5 : tcl (RHSA-2013:0122)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_POSTGRESQL-4958.NASL
    description: This version update to 8.1.11 fixes among other things several security issues : - Index Functions Privilege Escalation: CVE-2007-6600 - Regular Expression Denial-of-Service: CVE-2007-4772, CVE-2007-6067, CVE-2007-4769 - DBLink Privilege Escalation: CVE-2007-6601
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 30198
    published: 2008-02-06
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/30198
    title: openSUSE 10 Security Update : postgresql (postgresql-4958)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2016-253.NASL
    description: This update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, boo#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, boo#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen: 2020-06-05
    modified: 2016-02-24
    plugin id: 88926
    published: 2016-02-24
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/88926
    title: openSUSE Security Update : postgresql93 (openSUSE-2016-253)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2008-0038.NASL
    description: Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server. Will Drewry discovered multiple flaws in PostgreSQL
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29955
    published: 2008-01-14
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29955
    title: RHEL 4 / 5 : postgresql (RHSA-2008:0038)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200801-15.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200801-15 (PostgreSQL: Multiple vulnerabilities) If using the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 30120
    published: 2008-01-29
    reporter: This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/30120
    title: GLSA-200801-15 : PostgreSQL: Multiple vulnerabilities
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2008-059.NASL
    description: A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 36516
    published: 2009-04-23
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/36516
    title: Mandriva Linux Security Advisory : tcl (MDVSA-2008:059)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2008-0552.NASL
    description: - Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1 - Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 - Make initscript and pam config files be installed unconditionally; seems new buildroots don
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 29948
    published: 2008-01-14
    reporter: This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/29948
    title: Fedora 7 : postgresql-8.2.6-1.fc7 (2008-0552)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20080111_POSTGRESQL_ON_SL3_X.NASL
    description: Will Drewry discovered multiple flaws in PostgreSQL
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60343
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60343
    title: Scientific Linux Security Update : postgresql on SL3.x, SL4.x, SL5.x i386/x86_64

Oval

accepted: 2013-04-29T04:14:44.715-04:00
class: vulnerability
contributors
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 3
    oval: oval:org.mitre.oval:def:11782
  • comment: CentOS Linux 3.x
    oval: oval:org.mitre.oval:def:16651
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 4
    oval: oval:org.mitre.oval:def:11831
  • comment: CentOS Linux 4.x
    oval: oval:org.mitre.oval:def:16636
  • comment: Oracle Linux 4.x
    oval: oval:org.mitre.oval:def:15990
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 5
    oval: oval:org.mitre.oval:def:11414
  • comment: The operating system installed on the system is CentOS Linux 5.x
    oval: oval:org.mitre.oval:def:15802
  • comment: Oracle Linux 5.x
    oval: oval:org.mitre.oval:def:15459
description: The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
family: unix
id: oval:org.mitre.oval:def:11569
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
version: 28

Redhat

advisories
  • rhsa
    id: RHSA-2008:0038
  • rhsa
    id: RHSA-2008:0040
  • rhsa
    id: RHSA-2008:0134
  • rhsa
    id: RHSA-2013:0122
rpms
  • postgresql-0:7.4.19-1.el4_6.1
  • postgresql-0:8.1.11-1.el5_1.1
  • postgresql-contrib-0:7.4.19-1.el4_6.1
  • postgresql-contrib-0:8.1.11-1.el5_1.1
  • postgresql-debuginfo-0:7.4.19-1.el4_6.1
  • postgresql-debuginfo-0:8.1.11-1.el5_1.1
  • postgresql-devel-0:7.4.19-1.el4_6.1
  • postgresql-devel-0:8.1.11-1.el5_1.1
  • postgresql-docs-0:7.4.19-1.el4_6.1
  • postgresql-docs-0:8.1.11-1.el5_1.1
  • postgresql-jdbc-0:7.4.19-1.el4_6.1
  • postgresql-libs-0:7.4.19-1.el4_6.1
  • postgresql-libs-0:8.1.11-1.el5_1.1
  • postgresql-pl-0:7.4.19-1.el4_6.1
  • postgresql-pl-0:8.1.11-1.el5_1.1
  • postgresql-python-0:7.4.19-1.el4_6.1
  • postgresql-python-0:8.1.11-1.el5_1.1
  • postgresql-server-0:7.4.19-1.el4_6.1
  • postgresql-server-0:8.1.11-1.el5_1.1
  • postgresql-tcl-0:7.4.19-1.el4_6.1
  • postgresql-tcl-0:8.1.11-1.el5_1.1
  • postgresql-test-0:7.4.19-1.el4_6.1
  • postgresql-test-0:8.1.11-1.el5_1.1
  • postgresql-0:8.1.11-1.el4s1.1
  • postgresql-0:8.2.6-1.el5s2
  • postgresql-contrib-0:8.1.11-1.el4s1.1
  • postgresql-contrib-0:8.2.6-1.el5s2
  • postgresql-debuginfo-0:8.1.11-1.el4s1.1
  • postgresql-debuginfo-0:8.2.6-1.el5s2
  • postgresql-devel-0:8.1.11-1.el4s1.1
  • postgresql-devel-0:8.2.6-1.el5s2
  • postgresql-docs-0:8.1.11-1.el4s1.1
  • postgresql-docs-0:8.2.6-1.el5s2
  • postgresql-libs-0:8.1.11-1.el4s1.1
  • postgresql-libs-0:8.2.6-1.el5s2
  • postgresql-pl-0:8.1.11-1.el4s1.1
  • postgresql-plperl-0:8.2.6-1.el5s2
  • postgresql-plpython-0:8.2.6-1.el5s2
  • postgresql-pltcl-0:8.2.6-1.el5s2
  • postgresql-python-0:8.1.11-1.el4s1.1
  • postgresql-python-0:8.2.6-1.el5s2
  • postgresql-server-0:8.1.11-1.el4s1.1
  • postgresql-server-0:8.2.6-1.el5s2
  • postgresql-tcl-0:8.1.11-1.el4s1.1
  • postgresql-tcl-0:8.2.6-1.el5s2
  • postgresql-test-0:8.1.11-1.el4s1.1
  • postgresql-test-0:8.2.6-1.el5s2
  • expect-0:5.38.0-75
  • expect-0:5.38.0-92.8
  • expect-devel-0:5.38.0-92.8
  • itcl-0:3.2-75
  • itcl-0:3.2-92.8
  • tcl-0:8.3.3-75
  • tcl-0:8.3.5-92.8
  • tcl-devel-0:8.3.5-92.8
  • tcllib-0:1.0-75
  • tcltk-debuginfo-0:8.3.5-92.8
  • tclx-0:8.3-75
  • tclx-0:8.3-92.8
  • tix-0:8.2.0b1-75
  • tix-1:8.1.4-92.8
  • tk-0:8.3.3-75
  • tk-0:8.3.5-92.8
  • tk-devel-0:8.3.5-92.8
  • tcl-0:8.4.13-6.el5
  • tcl-debuginfo-0:8.4.13-6.el5
  • tcl-devel-0:8.4.13-6.el5
  • tcl-html-0:8.4.13-6.el5

References