Internet threat level: 1
Home→Descriptions→SA37250
Sun Solaris PostgreSQL Privilege Escalation and Denial of Service
| Secunia ID | |
| CVE-ID | |
| Release Date |
04 Nov 2009 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. Privilege escalationThis covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users. This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system. |
| Description |
Sun has acknowledged some vulnerabilities in PostgreSQL in Solaris, which can be exploited by malicious users to gain escalated privileges and cause a DoS (Denial of Service). For more information: The vulnerabilities are reported in Solaris 10 and OpenSolaris on both the SPARC and x86 platforms. |
| Solution |
Apply patches. -- SPARC Platform -- Solaris 10 (6/06 or later) with PostgreSQL 8.1: Solaris 10 (8/07 or later) with PostgreSQL 8.2: Solaris 10 (10/08 or later) with PostgreSQL 8.3: OpenSolaris with PostgreSQL 8.2/8.3: -- x86 Platform -- Solaris 10 (6/06 or later) with PostgreSQL 8.1: Solaris 10 (8/07 or later) with PostgreSQL 8.2: Solaris 10 (10/08 or later) with PostgreSQL 8.3: OpenSolaris with PostgreSQL 8.2/8.3: |
| Original Advisory |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270408-1 |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.