FreeBSD : postgresql -- character conversion and tsearch2 vulnerabilities (486aff57-9ecd-11da-b410-000e0c2e438a)
High Nessus Plugin ID 21425
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe postgresql development team reports :
The more severe of the two errors is that the functions that support client-to-server character set conversion can be called from SQL commands by unprivileged users, but these functions are not designed to be safe against malicious choices of argument values. This problem exists in PostgreSQL 7.3.* through 8.0.*. The recommended fix is to disable public EXECUTE access for these functions. This does not affect normal usage of the functions for character set conversion, but it will prevent misuse.
The other error is that the contrib/tsearch2 module misdeclares several functions as returning type 'internal' when they do not have any 'internal' argument. This breaks the type safety of 'internal' by allowing users to construct SQL commands that invoke other functions accepting 'internal' arguments. The consequences of this have not been investigated in detail, but it is certainly at least possible to crash the backend.
SolutionUpdate the affected packages.