7.2
CVE-2007-6601
- EPSS 1.57%
- Veröffentlicht 09.01.2008 21:46:00
- Zuletzt bearbeitet 16.06.2026 22:48:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Postgresql ≫ Postgresql Version >= 7.3.0 < 7.3.21
Postgresql ≫ Postgresql Version >= 7.4.0 < 7.4.19
Postgresql ≫ Postgresql Version >= 8.0.0 < 8.0.15
Postgresql ≫ Postgresql Version >= 8.1.0 < 8.1.11
Postgresql ≫ Postgresql Version >= 8.2.0 < 8.2.6
Postgresql ≫ Postgresql Version8.2
Debian ≫ Debian Linux Version3.1
Debian ≫ Debian Linux Version4.0
Fedoraproject ≫ Fedora Version7
Fedoraproject ≫ Fedora Version8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.57% | 0.722 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
http://secunia.com/advisories/28376
http://secunia.com/advisories/28437
http://secunia.com/advisories/28438
http://secunia.com/advisories/28445
http://secunia.com/advisories/28454
http://secunia.com/advisories/28477
http://secunia.com/advisories/28479
http://secunia.com/advisories/28679
http://secunia.com/advisories/29638
http://security.gentoo.org/glsa/glsa-200801-15.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
http://www.debian.org/security/2008/dsa-1460
http://www.debian.org/security/2008/dsa-1463
http://www.redhat.com/support/errata/RHSA-2008-0038.html
http://www.redhat.com/support/errata/RHSA-2008-0039.html
http://www.redhat.com/support/errata/RHSA-2008-0040.html
http://www.vupen.com/english/advisories/2008/0109
http://www.vupen.com/english/advisories/2008/1071/references
https://usn.ubuntu.com/568-1/
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
http://secunia.com/advisories/28359
http://secunia.com/advisories/28455
http://secunia.com/advisories/28464
http://secunia.com/advisories/28698
http://securitytracker.com/id?1019157
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
http://www.postgresql.org/about/news.905
http://www.securityfocus.com/archive/1/485864/100/0/threaded
http://www.securityfocus.com/archive/1/486407/100/0/threaded
http://www.securityfocus.com/bid/27163
http://www.vupen.com/english/advisories/2008/0061
https://issues.rpath.com/browse/RPL-1768
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/39500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127