7.2

CVE-2007-6601

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors.  NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PostgresqlPostgresql Version >= 7.3.0 < 7.3.21
PostgresqlPostgresql Version >= 7.4.0 < 7.4.19
PostgresqlPostgresql Version >= 8.0.0 < 8.0.15
PostgresqlPostgresql Version >= 8.1.0 < 8.1.11
PostgresqlPostgresql Version >= 8.2.0 < 8.2.6
PostgresqlPostgresql Version8.2
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
FedoraprojectFedora Version7
FedoraprojectFedora Version8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.57% 0.722
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
Broken Link
http://secunia.com/advisories/28376
Not Applicable
http://secunia.com/advisories/28437
Not Applicable
http://secunia.com/advisories/28438
Not Applicable
http://secunia.com/advisories/28445
Not Applicable
http://secunia.com/advisories/28454
Not Applicable
http://secunia.com/advisories/28477
Not Applicable
http://secunia.com/advisories/28479
Not Applicable
http://secunia.com/advisories/28679
Not Applicable
http://secunia.com/advisories/29638
Not Applicable
http://security.gentoo.org/glsa/glsa-200801-15.xml
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
Broken Link
http://www.debian.org/security/2008/dsa-1460
Third Party Advisory
http://www.debian.org/security/2008/dsa-1463
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0038.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0039.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0040.html
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0109
Third Party Advisory
Permissions Required
http://www.vupen.com/english/advisories/2008/1071/references
Permissions Required
https://usn.ubuntu.com/568-1/
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
Broken Link
http://secunia.com/advisories/28359
Vendor Advisory
Not Applicable
http://secunia.com/advisories/28455
Not Applicable
http://secunia.com/advisories/28464
Not Applicable
http://secunia.com/advisories/28698
Not Applicable
http://securitytracker.com/id?1019157
Third Party Advisory
Broken Link
VDB Entry
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
Broken Link
http://www.postgresql.org/about/news.905
Broken Link
http://www.securityfocus.com/archive/1/485864/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/486407/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/27163
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/0061
Permissions Required
https://issues.rpath.com/browse/RPL-1768
Broken Link
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
Third Party Advisory
Mailing List
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
Third Party Advisory
Mailing List
https://exchange.xforce.ibmcloud.com/vulnerabilities/39500
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127
Broken Link