This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
A stack-based buffer overflow flaw was found in the way PostgreSQL
processed certain tokens from an SQL query when the intarray module
was enabled on a particular database. An authenticated database user
running a specially-crafted SQL query could use this flaw to cause a
temporary denial of service (postgres daemon crash) or, potentially,
execute arbitrary code with the privileges of the database server.
These updated postgresql84 packages upgrade PostgreSQL to version
8.4.7. Refer to the PostgreSQL Release Notes for a full list of
If the postgresql service is running, it will be automatically
restarted after installing this update.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.5
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60950 ()
CVE ID: CVE-2010-4015