Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:079 (postgresql)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63650

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:079 (postgresql)

Resumen: The remote host is missing an update to postgresql;announced via advisory MDVSA-2009:079.

Descripción: Summary:
The remote host is missing an update to postgresql
announced via advisory MDVSA-2009:079.

Vulnerability Insight:
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows
remote authenticated users to cause a denial of service (stack
consumption and crash) by triggering a failure in the conversion of a
localized error message to a client-specified encoding, as demonstrated
using mismatched encoding conversion requests (CVE-2009-0922).

This update provides a fix for this vulnerability.

Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0922
BugTraq ID: 34090
http://www.securityfocus.com/bid/34090
Bugtraq: 20090519 rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server (Google Search)
http://www.securityfocus.com/archive/1/503598/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00810.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00843.html
HPdes Security Advisory: HPSBMU02781
http://marc.info/?l=bugtraq&m=134124585221119&w=2
HPdes Security Advisory: SSRT100617
http://www.mandriva.com/security/advisories?name=MDVSA-2009:079
http://www.openwall.com/lists/oss-security/2009/03/11/4
http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php
http://archives.postgresql.org//pgsql-bugs/2009-02/msg00176.php
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10874
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6252
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.securitytracker.com/id?1021860
http://secunia.com/advisories/34453
http://secunia.com/advisories/35100
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020455.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258808-1
SuSE Security Announcement: SUSE-SR:2009:009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://www.vupen.com/english/advisories/2009/0767
http://www.vupen.com/english/advisories/2009/1316

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63650
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:079 (postgresql)
Resumen:	The remote host is missing an update to postgresql;announced via advisory MDVSA-2009:079.
Descripción:	Summary: The remote host is missing an update to postgresql announced via advisory MDVSA-2009:079. Vulnerability Insight: PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests (CVE-2009-0922). This update provides a fix for this vulnerability. Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0922 BugTraq ID: 34090 http://www.securityfocus.com/bid/34090 Bugtraq: 20090519 rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server (Google Search) http://www.securityfocus.com/archive/1/503598/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00810.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00843.html HPdes Security Advisory: HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 HPdes Security Advisory: SSRT100617 http://www.mandriva.com/security/advisories?name=MDVSA-2009:079 http://www.openwall.com/lists/oss-security/2009/03/11/4 http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php http://archives.postgresql.org//pgsql-bugs/2009-02/msg00176.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10874 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6252 http://www.redhat.com/support/errata/RHSA-2009-1067.html http://www.securitytracker.com/id?1021860 http://secunia.com/advisories/34453 http://secunia.com/advisories/35100 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020455.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-258808-1 SuSE Security Announcement: SUSE-SR:2009:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://www.vupen.com/english/advisories/2009/0767 http://www.vupen.com/english/advisories/2009/1316
Copyright	Copyright (C) 2009 E-Soft Inc.