Test ID:	1.3.6.1.4.1.25623.1.0.51713
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2005:040 (postgresql)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to postgresql announced via advisory MDKSA-2005:040. A number of vulnerabilities were found and corrected in the PostgreSQL DBMS: A flaw in the LOAD command could be abused by a local user to load arbitrary shared libraries and as a result execute arbitrary code with the privileges of the user running the postgresql server (CVE-2005-0227). A permission checking flaw was found where a local user could bypass the EXECUTE permission check for functions using the CREATE AGGREGATE command (CVE-2005-0244). Multiple bufffer overflows were discovered in PL/PgSQL. A database user with permission to create plpgsql functions could trigger these flaws which could then lead to arbitrary code execution with the privileges of the user running the postgresql server (CVE-2005-0245 and CVE-2005-0247). Finally, a flaw in the integer aggregator (intagg) contrib module was found. A user could create carefully crafted arrays and crash the server, causing a Denial of Service (CVE-2005-0246). The updated packages have been patched to correct these problems. Affected versions: 10.0, 10.1, Corporate 3.0, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0244 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0246 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0247 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0227 BugTraq ID: 12411 http://www.securityfocus.com/bid/12411 Bugtraq: 20050201 [USN-71-1] PostgreSQL vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110726899107148&w=2 Debian Security Information: DSA-668 (Google Search) http://www.debian.org/security/2005/dsa-668 http://security.gentoo.org/glsa/glsa-200502-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 http://www.redhat.com/support/errata/RHSA-2005-138.html http://www.redhat.com/support/errata/RHSA-2005-150.html http://secunia.com/advisories/12948 SuSE Security Announcement: SUSE-SA:2005:036 (Google Search) http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://www.trustix.org/errata/2005/0003/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0244 12417 http://www.securityfocus.com/bid/12417 12948 20050210 [USN-79-1] PostgreSQL vulnerabilities http://marc.info/?l=bugtraq&m=110806034116082&w=2 MDKSA-2005:040 RHSA-2005:138 SUSE-SA:2005:036 [pgsql-hackers] 20050127 Permissions on aggregate component functions http://archives.postgresql.org/pgsql-hackers/2005-01/msg00922.php oval:org.mitre.oval:def:10927 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10927 postgresql-security-bypass(19184) https://exchange.xforce.ibmcloud.com/vulnerabilities/19184 Common Vulnerability Exposure (CVE) ID: CVE-2005-0245 DSA-683 http://www.debian.org/security/2005/dsa-683 RHSA-2005:150 [pgsql-committers] 20050121 pgsql: Prevent overrunning a heap-allocated buffer is more than 1024 http://archives.postgresql.org/pgsql-committers/2005-01/msg00298.php [pgsql-committers] 20050207 pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser. http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php [pgsql-patches] 20050120 Re: WIP: pl/pgsql cleanup http://archives.postgresql.org/pgsql-patches/2005-01/msg00216.php oval:org.mitre.oval:def:10175 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10175 postgresql-cursor-bo(19188) https://exchange.xforce.ibmcloud.com/vulnerabilities/19188 Common Vulnerability Exposure (CVE) ID: CVE-2005-0247 GLSA-200502-19 http://www.gentoo.org/security/en/glsa/glsa-200502-19.xml SUSE-SA:2005:027 http://www.novell.com/linux/security/advisories/2005_27_postgresql.html oval:org.mitre.oval:def:9345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9345 postgresql-fetch-makefetchstmt-bo(19378) https://exchange.xforce.ibmcloud.com/vulnerabilities/19378 postgresql-makeselectstmt-arbitrary-bo(19377) https://exchange.xforce.ibmcloud.com/vulnerabilities/19377 postgresql-makeselectstmt-input-bo(19376) https://exchange.xforce.ibmcloud.com/vulnerabilities/19376 postgresql-readsqlconstruct-bo(19375) https://exchange.xforce.ibmcloud.com/vulnerabilities/19375 Common Vulnerability Exposure (CVE) ID: CVE-2005-0246 [pgsql-committers] 20050127 pgsql: Fix security and 64-bit issues in contrib/intagg. http://archives.postgresql.org/pgsql-committers/2005-01/msg00401.php oval:org.mitre.oval:def:10148 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10148 postgresql-contribintagg-dos(19185) https://exchange.xforce.ibmcloud.com/vulnerabilities/19185
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.