Oval Definition:	oval:org.mitre.oval:def:13259
Revision Date: 2014-07-07 Version: 19 Title: USN-876-1 -- postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities Description: It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. It was discovered that PostgreSQL did not properly manage session-local state. A remote authenticated user could exploit this to escalate priviliges within PostgreSQL Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2009-4034 CVE-2009-4136 USN-876-1 USN-876-1 Platform(s): Ubuntu 6.06 Ubuntu 8.04 Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 Product(s): postgresql-8.1 postgresql-8.3 postgresql-8.4 Definition Synopsis Release section Ubuntu 8.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section postgresql-doc-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-doc DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-client DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-contrib DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql DPKG is earlier than 8.3.9-0ubuntu8.04 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section postgresql-client-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libecpg6 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libpq-dev DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-plpython-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-contrib-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libpgtypes3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libecpg-dev DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libpq5 DPKG is earlier than 8.3.9-0ubuntu8.04 OR postgresql-plperl-8.3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR libecpg-compat3 DPKG is earlier than 8.3.9-0ubuntu8.04 OR Release section Ubuntu 8.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section postgresql-doc-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-doc DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-client DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-contrib DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql DPKG is earlier than 8.3.9-0ubuntu8.10 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section postgresql-client-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libecpg6 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libpq-dev DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-plpython-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-contrib-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libpgtypes3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libecpg-dev DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libpq5 DPKG is earlier than 8.3.9-0ubuntu8.10 OR postgresql-plperl-8.3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR libecpg-compat3 DPKG is earlier than 8.3.9-0ubuntu8.10 OR Release section Ubuntu 9.10 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section postgresql-doc-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-client DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-contrib DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-doc DPKG is earlier than 8.4.2-0ubuntu9.10 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section postgresql-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-contrib-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-client-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR libecpg6 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-pltcl-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-plpython-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR libpq-dev DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-server-dev-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR libecpg-dev DPKG is earlier than 8.4.2-0ubuntu9.10 OR libpq5 DPKG is earlier than 8.4.2-0ubuntu9.10 OR libpgtypes3 DPKG is earlier than 8.4.2-0ubuntu9.10 OR postgresql-plperl-8.4 DPKG is earlier than 8.4.2-0ubuntu9.10 OR libecpg-compat3 DPKG is earlier than 8.4.2-0ubuntu9.10 OR Release section Ubuntu 6.06 is installed AND Architecture section Architecture independet section Installed architecture is all AND postgresql-doc-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR Architecture depended section Supported architectures section Installed architecture is sparc OR Installed architecture is powerpc OR Installed architecture is amd64 OR Installed architecture is i386 AND Packages section postgresql-client-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-contrib-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libecpg5 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-pltcl-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-server-dev-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libpgtypes2 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libecpg-dev DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-plpython-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libpq4 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libpq-dev DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR postgresql-plperl-8.1 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR libecpg-compat2 DPKG is earlier than 8.1.19-0ubuntu0.6.06 OR Release section Ubuntu 9.04 is installed AND Architecture section Architecture independet section Installed architecture is all AND Packages section postgresql-doc-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-doc DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-client DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-contrib DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql DPKG is earlier than 8.3.9-0ubuntu9.04 OR Architecture depended section Supported architectures section Installed architecture is amd64 OR Installed architecture is i386 OR Installed architecture is powerpc OR Installed architecture is sparc OR Installed architecture is lpia AND Packages section postgresql-client-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-plperl-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libecpg6 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libpq-dev DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-plpython-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-contrib-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libecpg-dev DPKG is earlier than 8.3.9-0ubuntu9.04 OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libpq5 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libpgtypes3 DPKG is earlier than 8.3.9-0ubuntu9.04 OR libecpg-compat3 DPKG is earlier than 8.3.9-0ubuntu9.04
BACK