Vigil@nce - PostgreSQL: five vulnerabilities
May 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can use five vulnerabilities of PostgreSQL, in order
to execute code or to generate a denial of service.
Severity: 2/4
Creation date: 18/05/2010
Revision date: 21/05/2010
DESCRIPTION OF THE VULNERABILITY
Five vulnerabilities were announced in PostgreSQL.
An attacker can define methods or overload operators, in order to
bypass restrictions imposed by the Safe.pm module of Perl. This
vulnerability is a variant of VIGILANCE-VUL-9657
(https://vigilance.fr/tree/1/9657)/CVE-2010-1168. [severity:2/4;
CVE-2010-1169]
An attacker can use a reference on a subroutine, in order to
bypass restrictions imposed by the Safe.pm module of Perl
(VIGILANCE-VUL-9658 (https://vigilance.fr/tree/1/9658)).
[severity:2/4; BID-40305, CVE-2010-1447]
When the Procedure Language PL/tcl is installed, a local attacker
can store malicious data using autoload() in the pltcl_modules
table in order to execute code. [severity:2/4; CVE-2010-1170]
When a Warm Standby slave database is used by PostgreSQL 8.4, the
WAL (Write-Ahead Logging) data for "ALTER table SET TABLESPACE" is
invalid, so the slave database is corrupted. An attacker can
therefore use this command, in order to generate a denial of
service. [severity:1/4]
An attacker can use RESET ALL in order to reset some privileged
fields of one of his databases, or of his record in the USER
database. [severity:1/4; BID-40304, CVE-2010-1975]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/PostgreSQL-five-vulnerabilities-9647