This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SUSE-SA:2005:027 (postgresql).
Several problems were identified and fixed in the PostgreSQL
Multiple buffer overflows in the low level parsing routines may
allow attackers to execute arbitrary code via:
(1) a large number of variables in a SQL statement being handled by
the read_sql_construct() function,
(2) a large number of INTO variables in a SELECT statement being
handled by the make_select_stmt function,
(3) a large number of arbitrary variables in a SELECT statement being
handled by the make_select_stmt function, and
(4) a large number of INTO variables in a FETCH statement being
handled by the make_fetch_stmt function.
This is tracked by the Mitre CVE ID CVE-2005-0247.
Risk factor :
Medium / CVSS Base Score : 6.5