Oval Definition:oval:org.mitre.oval:def:13647
Revision Date:2014-06-30Version:20
Title:USN-834-1 -- postgresql-8.1, postgresql-8.3 vulnerabilities
Description:It was discovered that PostgreSQL could be made to unload and reload an already loaded module by using the LOAD command. A remote authenticated attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 6.06 LTS. Due to an incomplete fix for CVE-2007-6600, RESET ROLE and RESET SESSION AUTHORIZATION operations were allowed inside security-definer functions. A remote authenticated attacker could exploit this to escalate privileges within PostgreSQL. It was discovered that PostgreSQL did not properly perform LDAP authentication under certain circumstances. When configured to use LDAP with anonymous binds, a remote attacker could bypass authentication by supplying an empty password. This issue did not affect Ubuntu 6.06 LTS
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-6600
CVE-2009-3229
CVE-2009-3230
CVE-2009-3231
USN-834-1
USN-834-1
Platform(s):Ubuntu 6.06
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Product(s):postgresql-8.1
postgresql-8.3
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-doc DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-client DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-contrib DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • postgresql-client-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libecpg6 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libpq-dev DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-plpython-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-contrib-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libpgtypes3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libecpg-dev DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libpq5 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR postgresql-plperl-8.3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR libecpg-compat3 DPKG is earlier than 8.3.8-0ubuntu8.04
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-doc DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-client DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-contrib DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • postgresql-client-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-plperl-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libecpg6 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libpq-dev DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-plpython-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-contrib-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libecpg-dev DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libpq5 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libpgtypes3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR libecpg-compat3 DPKG is earlier than 8.3.8-0ubuntu9.04
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND postgresql-doc-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is amd64
  • OR Installed architecture is i386
  • AND Packages section
  • postgresql-client-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-contrib-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libecpg5 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-pltcl-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-server-dev-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libpgtypes2 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libecpg-dev DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-plpython-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libpq4 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libpq-dev DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR postgresql-plperl-8.1 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR libecpg-compat2 DPKG is earlier than 8.1.18-0ubuntu0.6.06
  • OR Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-doc DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-client DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-contrib DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • postgresql-client-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libecpg6 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libpq-dev DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-plpython-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-contrib-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libpgtypes3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libecpg-dev DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libpq5 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR postgresql-plperl-8.3 DPKG is earlier than 8.3.8-0ubuntu8.10
  • OR libecpg-compat3 DPKG is earlier than 8.3.8-0ubuntu8.10
    • BACK