FreeBSD : postgresql -- character conversion and tsearch2 vulnerabilities (486aff57-9ecd-11da-b410-000e0c2e438a)

high Nessus Plugin ID 21425

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The PostgreSQL development team reports:

The more severe of the two errors is that the functions that support client-to-server character set conversion can be called from SQL commands by unprivileged users, but these functions are not designed to be safe against malicious choices of argument values. This problem exists in PostgreSQL 7.3.* through 8.0.*. The recommended fix is to disable public EXECUTE access for these functions. This does not affect normal usage of the functions for character set conversion, but it will prevent misuse.

The other error is that the contrib/tsearch2 module misdeclares several functions as returning type 'internal' when they do not have any 'internal' argument. This breaks the type safety of 'internal' by allowing users to construct SQL commands that invoke other functions accepting 'internal' arguments. The consequences of this have not been investigated in detail, but it is certainly at least possible to crash the backend.

Solution

Update the affected packages.

See Also

https://www.postgresql.org/about/news.315/

http://www.nessus.org/u?6f3f6664

Plugin Details

Severity: High

ID: 21425

File Name: freebsd_pkg_486aff579ecd11dab410000e0c2e438a.nasl

Version: 1.13

Type: local

Published: 5/13/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:postgresql, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2/16/2006

Vulnerability Publication Date: 5/2/2005

Reference Information

CVE: CVE-2005-1409, CVE-2005-1410