Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200502-19] PostgreSQL: Buffer overflows in PL/PgSQL parser Vulnerability Scan


Vulnerability Scan Summary
PostgreSQL: Buffer overflows in PL/PgSQL parser

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200502-19
(PostgreSQL: Buffer overflows in PL/PgSQL parser)


PostgreSQL is vulnerable to several buffer overflows in the
PL/PgSQL parser.

Impact

A remote attacker could send a malicious query resulting in the
execution of arbitrary code with the permissions of the user running
PostgreSQL.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0247


Solution:
All PostgreSQL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/postgresql-7.4.7-r1"


Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.