CVE-2010-1169

HIGH

Description

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

ID	Name	Product	Family	Severity
69872	Juniper NSM Servers < 2012.1 Multiple Vulnerabilities	Nessus	Misc.	high
68045	Oracle Linux 5 : postgresql84 (ELSA-2010-0430)	Nessus	Oracle Linux Local Security Checks	high
68044	Oracle Linux 5 : postgresql (ELSA-2010-0429)	Nessus	Oracle Linux Local Security Checks	high
68043	Oracle Linux 4 : postgresql (ELSA-2010-0428)	Nessus	Oracle Linux Local Security Checks	high
68042	Oracle Linux 3 : postgresql (ELSA-2010-0427)	Nessus	Oracle Linux Local Security Checks	high
63349	PostgreSQL 7.4 < 7.4.29 / 8.0 < 8.0.25 / 8.1 < 8.1.21 / 8.2 < 8.2.17 / 8.3 < 8.3.11 / 8.4 < 8.4.4 Multiple Vulnerabilities	Nessus	Databases	high
60795	Scientific Linux Security Update : postgresql on SL3.x, SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
60794	Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
56626	GLSA-201110-22 : PostgreSQL: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
50958	SuSE 11 / 11.1 Security Update : postgresql (SAT Patch Numbers 2457 / 2458)	Nessus	SuSE Local Security Checks	high
50390	Fedora 14 : sepostgresql-9.0.1-20101007.fc14 (2010-15870)	Nessus	Fedora Local Security Checks	high
50355	Fedora 13 : sepostgresql-9.0.1-20101007.fc13 (2010-16004)	Nessus	Fedora Local Security Checks	high
49921	SuSE 10 Security Update : postgresql (ZYPP Patch Number 7053)	Nessus	SuSE Local Security Checks	high
47733	openSUSE Security Update : postgresql (openSUSE-SU-2010:0371-1)	Nessus	SuSE Local Security Checks	high
47730	openSUSE Security Update : postgresql (openSUSE-SU-2010:0371-1)	Nessus	SuSE Local Security Checks	high
47727	openSUSE Security Update : postgresql (openSUSE-SU-2010:0371-1)	Nessus	SuSE Local Security Checks	high
47508	Fedora 11 : postgresql-8.3.11-1.fc11 (2010-8723)	Nessus	Fedora Local Security Checks	high
47507	Fedora 12 : postgresql-8.4.4-1.fc12 (2010-8715)	Nessus	Fedora Local Security Checks	high
47506	Fedora 13 : postgresql-8.4.4-1.fc13 (2010-8696)	Nessus	Fedora Local Security Checks	high
46762	CentOS 5 : postgresql84 (CESA-2010:0430)	Nessus	CentOS Local Security Checks	high
46761	CentOS 5 : postgresql (CESA-2010:0429)	Nessus	CentOS Local Security Checks	high
46710	Debian DSA-2051-1 : postgresql-8.3 - several vulnerabilities	Nessus	Debian Local Security Checks	high
46700	Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities (USN-942-1)	Nessus	Ubuntu Local Security Checks	high
46696	CentOS 4 : postgresql (CESA-2010:0428)	Nessus	CentOS Local Security Checks	high
46695	CentOS 3 : postgresql (CESA-2010:0427)	Nessus	CentOS Local Security Checks	high
46690	Mandriva Linux Security Advisory : postgresql (MDVSA-2010:103)	Nessus	Mandriva Local Security Checks	high
46684	RHEL 5 : postgresql84 (RHSA-2010:0430)	Nessus	Red Hat Local Security Checks	high
46683	RHEL 5 : postgresql (RHSA-2010:0429)	Nessus	Red Hat Local Security Checks	high
46682	RHEL 4 : postgresql (RHSA-2010:0428)	Nessus	Red Hat Local Security Checks	high
46681	RHEL 3 : postgresql (RHSA-2010:0427)	Nessus	Red Hat Local Security Checks	high
5546	PostgreSQL < 8.4.4/8.3.11/8.2.17/8.1.21/8.0.25/7.4.29 Multiple Vulnerabilities	Nessus Network Monitor	Database	medium

CVE-2010-1169

Description

References

Details

Risk Information

CVSS v2.0