Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0227

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-0227
Last Modified 21 Aug 2010 12:25:41
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-0227

Summary

PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.

Vulnerable Systems

Application

  • Postgresql 7.2.1

  • Postgresql 7.2.2

  • Postgresql 7.2.3

  • Postgresql 7.2.4

  • Postgresql 7.2.5

  • Postgresql 7.2.6

  • Postgresql 7.2.7

  • Postgresql 7.4.1

  • Postgresql 7.4.2

  • Postgresql 7.4.3

  • Postgresql 7.4.4

  • Postgresql 7.4.5

  • Postgresql 7.4.6

  • Postgresql 7.4.7


References

TRUSTIX - 2005-0003

REDHAT - RHSA-2005:150

REDHAT - RHSA-2005:138

DEBIAN - DSA-668

GENTOO - 200502-08

SECUNIA - 12948

BUGTRAQ - 20050201 [USN-71-1] PostgreSQL vulnerability

MLIST - [pgsql-announce] 20050201 PostgreSQL Security Release

BID - 12411

SUSE - SUSE-SA:2005:036

MANDRAKE - MDKSA-2005:040

MLIST - [pgsql-bugs] 20050121 Privilege escalation via LOAD


Last Updated: 27 May 2016 10:39:43