4

CVE-2009-0922

Exploit
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PostgresqlPostgresql Version7.4.24
PostgresqlPostgresql Version8.0.20
PostgresqlPostgresql Version8.1.16
PostgresqlPostgresql Version8.2.12
PostgresqlPostgresql Version8.3.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.24% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://archives.postgresql.org//pgsql-bugs/2009-02/msg00176.php
Exploit
http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php
Exploit
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517405
http://marc.info/?l=bugtraq&m=134124585221119&w=2
http://secunia.com/advisories/34453
Vendor Advisory
http://secunia.com/advisories/35100
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258808-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020455.1-1
http://wiki.rpath.com/Advisories:rPSA-2009-0086
http://www.mandriva.com/security/advisories?name=MDVSA-2009:079
http://www.openwall.com/lists/oss-security/2009/03/11/4
http://www.postgresql.org/about/news.1065
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/503598/100/0/threaded
http://www.securityfocus.com/bid/34090
Patch
Exploit
http://www.securitytracker.com/id?1021860
http://www.vupen.com/english/advisories/2009/0767
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1316
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=488156
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10874
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6252
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00810.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00843.html