Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0678

Overview

Vulnerability Score 1.5 1.5
CVE Id CVE-2006-0678
Last Modified 07 Mar 2011 09:30:35
Published 14 Feb 2006 02:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2006-0678

Summary

PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.

Vulnerable Systems

Application

  • Postgresql 7.3

  • Postgresql 7.3.1

  • Postgresql 7.3.10

  • Postgresql 7.3.11

  • Postgresql 7.3.12

  • Postgresql 7.3.13

  • Postgresql 7.3.2

  • Postgresql 7.3.3

  • Postgresql 7.3.4

  • Postgresql 7.3.5

  • Postgresql 7.3.6

  • Postgresql 7.3.7

  • Postgresql 7.3.8

  • Postgresql 7.3.9

  • Postgresql 7.4

  • Postgresql 7.4.1

  • Postgresql 7.4.10

  • Postgresql 7.4.11

  • Postgresql 7.4.2

  • Postgresql 7.4.3

  • Postgresql 7.4.4

  • Postgresql 7.4.5

  • Postgresql 7.4.6

  • Postgresql 7.4.7

  • Postgresql 7.4.8

  • Postgresql 7.4.9

  • Postgresql 8.0

  • Postgresql 8.0.1

  • Postgresql 8.0.2

  • Postgresql 8.0.3

  • Postgresql 8.0.4

  • Postgresql 8.0.5

  • Postgresql 8.0.6

  • Postgresql 8.1

  • Postgresql 8.1.1

  • Postgresql 8.1.2


References

SECUNIA - 18890

XF - postgresql-setsessionauth-dos(24719)

VUPEN - ADV-2006-0605

UBUNTU - USN-258-1

TRUSTIX - 2006-0008

BID - 16650

SECTRACK - 1015636

CONFIRM - http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-3

OPENPKG - OpenPKG-SA-2006.004

SREASON - 498

SECUNIA - 19035

SECUNIA - 19015


Last Updated: 27 May 2016 10:41:45