ID de Prueba:	1.3.6.1.4.1.25623.1.0.68861
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:021 (postgresql)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to postgresql announced via advisory MDVSA-2011:021. A vulnerability was discovered and corrected in postgresql: Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions (CVE-2010-4015). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides a solution to this vulnerability. Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:021 http://www.postgresql.org/support/security Risk factor : High CVSS Score: 6.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4015 BugTraq ID: 46084 http://www.securityfocus.com/bid/46084 Debian Security Information: DSA-2157 (Google Search) http://www.debian.org/security/2011/dsa-2157 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053888.html http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053817.html HPdes Security Advisory: HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 HPdes Security Advisory: SSRT100617 http://www.mandriva.com/security/advisories?name=MDVSA-2011:021 http://osvdb.org/70740 http://www.redhat.com/support/errata/RHSA-2011-0197.html http://www.redhat.com/support/errata/RHSA-2011-0198.html http://secunia.com/advisories/43144 http://secunia.com/advisories/43154 http://secunia.com/advisories/43155 http://secunia.com/advisories/43187 http://secunia.com/advisories/43188 http://secunia.com/advisories/43240 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.ubuntu.com/usn/USN-1058-1 http://www.vupen.com/english/advisories/2011/0262 http://www.vupen.com/english/advisories/2011/0278 http://www.vupen.com/english/advisories/2011/0283 http://www.vupen.com/english/advisories/2011/0287 http://www.vupen.com/english/advisories/2011/0299 http://www.vupen.com/english/advisories/2011/0303 http://www.vupen.com/english/advisories/2011/0349 XForce ISS Database: postgresql-gettoken-buffer-overflow(65060) https://exchange.xforce.ibmcloud.com/vulnerabilities/65060
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.