VID 25113
Severity 30
Port 5432
Protocol TCP
Class DB
Detailed Description The PostgreSQL server, according to its version number, has a bit substring buffer overflow vulnerability. PostgreSQL is an object-relational database management system (DBMS) that supports an extended subset of SQL. The version of PostgreSQL running on the remote host has a bit substring buffer overflow vulnerability. The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."
Example: testdb=# select substring(B'10101010101010101010101010101010101010101010101',33,-15);

* Note: This check relies solely on the version number of the remote PostgreSQL server to assess this vulnerability, so the result might be a false positive.

* References:
http://archives.postgresql.org/pgsql-hackers/2010-01/msg00634.php
http://downloads.avaya.com/css/P8/documents/100088368
http://downloads.avaya.com/css/P8/documents/100092667

* Platforms Affected:
PostgreSQL version 8.0.23/8.1.11/8.3.8
Any operating system Any version
Recommendation Upgrade to the latest version of PostgreSQL (later than 8.0.23/8.1.11/8.3.8), available from the PostgreSQL FTP Web page at http://wwwmaster.postgresql.org/ftp/
Related URL CVE-2010-0442 (CVE)
Related URL 37973 (SecurityFocus)
Related URL (ISS)