CVE-2007-6601

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
References
Link Resource
http://www.postgresql.org/about/news.905 Broken Link
http://www.securityfocus.com/bid/27163 Patch Third Party Advisory
http://securitytracker.com/id?1019157 Broken Link Third Party Advisory
http://secunia.com/advisories/28359 Not Applicable Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004 Broken Link
https://issues.rpath.com/browse/RPL-1768 Broken Link
http://www.debian.org/security/2008/dsa-1460 Third Party Advisory
http://www.debian.org/security/2008/dsa-1463 Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html Mailing List Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0038.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0039.html Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1 Broken Link
http://secunia.com/advisories/28376 Not Applicable
http://secunia.com/advisories/28438 Not Applicable
http://secunia.com/advisories/28445 Not Applicable
http://secunia.com/advisories/28437 Not Applicable
http://secunia.com/advisories/28454 Not Applicable
http://secunia.com/advisories/28464 Not Applicable
http://secunia.com/advisories/28477 Not Applicable
http://secunia.com/advisories/28479 Not Applicable
http://secunia.com/advisories/28455 Not Applicable
http://security.gentoo.org/glsa/glsa-200801-15.xml Third Party Advisory
http://secunia.com/advisories/28679 Not Applicable
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html Broken Link
http://secunia.com/advisories/28698 Not Applicable
http://www.redhat.com/support/errata/RHSA-2008-0040.html Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1 Broken Link
http://secunia.com/advisories/29638 Not Applicable
http://www.vupen.com/english/advisories/2008/1071/references Permissions Required
http://www.vupen.com/english/advisories/2008/0109 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0061 Permissions Required
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/39500 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11127 Broken Link
https://usn.ubuntu.com/568-1/ Broken Link
http://www.securityfocus.com/archive/1/486407/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/485864/100/0/threaded Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*

Information

Published : 2008-01-09 09:46

Updated : 2023-01-18 09:19


NVD link : CVE-2007-6601

Mitre link : CVE-2007-6601

Products Affected
No products.
CWE