Mandrake Linux Security Advisory : postgresql (MDKSA-2007:188)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

PostgreSQL 8.1 and probably later and earlier versions, when local
trust authentication is enabled and the Database Link library (dblink)
is installed, allows remote attackers to access arbitrary accounts and
execute arbitrary SQL queries via a dblink host parameter that proxies
the connection from 127.0.0.1. (CVE-2007-3278)

PostgreSQL 8.1 and probably later and earlier versions, when the
PL/pgSQL (plpgsql) language has been created, grants certain plpgsql
privileges to the PUBLIC domain, which allows remote attackers to
create and execute functions, as demonstrated by functions that
perform local brute-force password guessing attacks, which may evade
intrusion detection. (CVE-2007-3279)

The Database Link library (dblink) in PostgreSQL 8.1 implements
functions via CREATE statements that map to arbitrary libraries based
on the C programming language, which allows remote authenticated
superusers to map and execute a function from any library, as
demonstrated by using the system function in libc.so.6 to gain shell
access. (CVE-2007-3280)

Updated packages fix these issues, by requiring non-superusers who use
/contrib/dblink to use only password authentication.

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 26188 (mandrake_MDKSA-2007-188.nasl)

Bugtraq ID:

CVE ID: CVE-2007-3278
CVE-2007-3279
CVE-2007-3280

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now