Oval Definition:oval:org.opensuse.security:def:20093230
Revision Date:2022-05-20Version:1
Title:CVE-2009-3230
Description:

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2009-3230
Mitre CVE-2009-3230
SUSE CVE-2009-3230
SUSE-SR:2009:016
SUSE-SR:2009:016
SUSE-SR:2009:017
SUSE-SR:2009:017
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • postgresql-contrib less than 8.1.18-0.5.1
  • OR postgresql-devel less than 8.1.18-0.5.1
  • OR postgresql-docs less than 8.1.18-0.5.1
  • OR postgresql-libs-32bit less than 8.1.18-0.5.1
  • OR postgresql-libs-64bit less than 8.1.18-0.5.1
  • OR postgresql-libs-x86 less than 8.1.18-0.5.1
  • OR postgresql-libs less than 8.1.18-0.5.1
  • OR postgresql-pl less than 8.1.18-0.5.2
  • OR postgresql-server less than 8.1.18-0.5.1
  • OR postgresql less than 8.1.18-0.5.1
  • OR
  • sles10-sp3-sdk is installed
  • postgresql-contrib less than 8.1.18-0.5.1
  • OR postgresql-devel less than 8.1.18-0.5.1
  • OR postgresql-docs less than 8.1.18-0.5.1
  • OR postgresql-pl less than 8.1.18-0.5.2
  • OR postgresql-server less than 8.1.18-0.5.1
  • OR postgresql less than 8.1.18-0.5.1
  • OR Package Information
  • sles10-sp2-sdk is installed
  • AND
  • postgresql-contrib less than 8.1.18-0.3
  • OR postgresql-devel less than 8.1.18-0.3
  • OR postgresql-docs less than 8.1.18-0.3
  • OR postgresql-pl less than 8.1.18-0.3
  • OR postgresql-server less than 8.1.18-0.3
  • OR postgresql less than 8.1.18-0.3
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • postgresql-8.3.8-0.1 is installed
  • OR postgresql-contrib-8.3.8-0.1 is installed
  • OR postgresql-docs-8.3.8-0.1 is installed
  • OR postgresql-libs-8.3.8-0.1 is installed
  • OR postgresql-libs-32bit-8.3.8-0.1 is installed
  • OR postgresql-libs-x86-8.3.7-0.1 is installed
  • OR postgresql-server-8.3.8-0.1 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • postgresql-8.3.8-0.1.1 is installed
  • OR postgresql-contrib-8.3.8-0.1.1 is installed
  • OR postgresql-docs-8.3.8-0.1.1 is installed
  • OR postgresql-libs-8.3.8-0.1.1 is installed
  • OR postgresql-libs-32bit-8.3.8-0.1.1 is installed
  • OR postgresql-libs-x86-8.3.8-0.1.1 is installed
  • OR postgresql-server-8.3.8-0.1.1 is installed
  • BACK