PostgreSQL 8.3 < 8.3.18 Multiple Vulnerabilities
Medium Nessus Plugin ID 63355
SynopsisThe remote database server is affected by multiple vulnerabilities.
DescriptionThe version of PostgreSQL installed on the remote host is 8.3.x prior to 8.3.18, and is, therefore, potentially affected by multiple vulnerabilities :
- Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866)
- Line breaks in object names can be exploited to execute arbitrary SQL commands when reloading a pg_dump file.
SolutionUpgrade to PostgreSQL 8.3.18 or later.