Vulnerability Name:

CVE-2005-0247 (CCN-19375)

Assigned:2005-02-01
Published:2005-02-01
Updated:2017-10-11
Summary:Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: postgreSQL Mailing List, Mon, 7 Feb 2005 03:53:36 +0000 (GMT)
pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser

Source: MLIST
Type: Patch
[pgsql-committers] 20050207 pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser.

Source: MITRE
Type: CNA
CVE-2005-0247

Source: CCN
Type: Conectiva Linux Announcement CLSA-2005:1008
Fix for several PostgreSQL vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20050210 [USN-79-1] PostgreSQL vulnerabilities

Source: CCN
Type: RHSA-2005-138
postgresql security update

Source: CCN
Type: RHSA-2005-141
rh-postgresql security update

Source: CCN
Type: RHSA-2005-150
postgresql security update

Source: CCN
Type: CIAC Information Bulletin: P-139
PostgreSQL Vulnerabilities

Source: DEBIAN
Type: UNKNOWN
DSA-683

Source: DEBIAN
Type: DSA-683
postgresql -- buffer overflows

Source: CCN
Type: GLSA-200502-19
PostgreSQL: Buffer overflows in PL/PgSQL parser

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200502-19

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:040

Source: SUSE
Type: Patch, Vendor Advisory
SUSE-SA:2005:027

Source: SUSE
Type: UNKNOWN
SUSE-SA:2005:036

Source: CCN
Type: postgreSQL Web site
postgreSQL

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:138

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:150

Source: BID
Type: UNKNOWN
12417

Source: CCN
Type: BID-12417
PostgreSQL Multiple Remote Vulnerabilities

Source: CCN
Type: TLSA-2005-38
Multiple vulnerabilities exist in Postgresql

Source: CCN
Type: USN-79-1
PostgreSQL vulnerabilities

Source: XF
Type: UNKNOWN
postgresql-readsqlconstruct-bo(19375)

Source: XF
Type: UNKNOWN
postgresql-readsqlconstruct-bo(19375)

Source: XF
Type: UNKNOWN
postgresql-makeselectstmt-input-bo(19376)

Source: XF
Type: UNKNOWN
postgresql-makeselectstmt-arbitrary-bo(19377)

Source: XF
Type: UNKNOWN
postgresql-fetch-makefetchstmt-bo(19378)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9345

Source: SUSE
Type: SUSE-SA:2005:027
PostgreSQL: buffer overflow problems

Source: SUSE
Type: SUSE-SA:2005:036
sudo: race condition arbitrary code execution

Source: SUSE
Type: SUSE-SR:2005:005
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2005:006
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2005:007
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-0247 (CCN-19376)

    Assigned:2005-02-01
    Published:2005-02-01
    Updated:2005-02-16
    Summary:Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: postgreSQL Mailing List, Mon, 7 Feb 2005 03:53:36 +0000 (GMT)
    pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser

    Source: MITRE
    Type: CNA
    CVE-2005-0247

    Source: CCN
    Type: Conectiva Linux Security Announcement CLSA-2005:1008
    Fix for several PostgreSQL vulnerabilities

    Source: CCN
    Type: RHSA-2005-138
    postgresql security update

    Source: CCN
    Type: RHSA-2005-141
    rh-postgresql security update

    Source: CCN
    Type: RHSA-2005-150
    postgresql security update

    Source: CCN
    Type: CIAC Information Bulletin: P-139
    PostgreSQL Vulnerabilities

    Source: DEBIAN
    Type: DSA-683
    postgresql -- buffer overflows

    Source: CCN
    Type: GLSA-200502-19
    PostgreSQL: Buffer overflows in PL/PgSQL parser

    Source: CCN
    Type: postgreSQL Web site
    postgreSQL

    Source: CCN
    Type: BID-12417
    PostgreSQL Multiple Remote Vulnerabilities

    Source: CCN
    Type: TLSA-2005-38
    Multiple vulnerabilities exist in Postgresql

    Source: CCN
    Type: USN-79-1
    PostgreSQL vulnerabilities

    Source: XF
    Type: UNKNOWN
    postgresql-makeselectstmt-input-bo(19376)

    Source: SUSE
    Type: SUSE-SA:2005:027
    PostgreSQL: buffer overflow problems

    Source: SUSE
    Type: SUSE-SA:2005:036
    sudo: race condition arbitrary code execution

    Source: SUSE
    Type: SUSE-SR:2005:005
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:006
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:007
    SUSE Security Summary Report

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-0247 (CCN-19377)

    Assigned:2005-02-01
    Published:2005-02-01
    Updated:2005-02-16
    Summary:Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: postgreSQL Mailing List, Mon, 7 Feb 2005 03:53:36 +0000 (GMT)
    pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser

    Source: MITRE
    Type: CNA
    CVE-2005-0247

    Source: CCN
    Type: Conectiva Linux Security Announcement CLSA-2005:1008
    Fix for several PostgreSQL vulnerabilities

    Source: CCN
    Type: RHSA-2005-138
    postgresql security update

    Source: CCN
    Type: RHSA-2005-141
    rh-postgresql security update

    Source: CCN
    Type: RHSA-2005-150
    postgresql security update

    Source: CCN
    Type: CIAC Information Bulletin: P-139
    PostgreSQL Vulnerabilities

    Source: DEBIAN
    Type: DSA-683
    postgresql -- buffer overflows

    Source: CCN
    Type: GLSA-200502-19
    PostgreSQL: Buffer overflows in PL/PgSQL parser

    Source: CCN
    Type: postgreSQL Web site
    postgreSQL

    Source: CCN
    Type: BID-12417
    PostgreSQL Multiple Remote Vulnerabilities

    Source: CCN
    Type: TLSA-2005-38
    Multiple vulnerabilities exist in Postgresql

    Source: CCN
    Type: USN-79-1
    PostgreSQL vulnerabilities

    Source: XF
    Type: UNKNOWN
    postgresql-makeselectstmt-arbitrary-bo(19377)

    Source: SUSE
    Type: SUSE-SA:2005:027
    PostgreSQL: buffer overflow problems

    Source: SUSE
    Type: SUSE-SA:2005:036
    sudo: race condition arbitrary code execution

    Source: SUSE
    Type: SUSE-SR:2005:005
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:006
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:007
    SUSE Security Summary Report

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:advanced_server:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:hosting:*:server:*:*:*
  • OR cpe:/o:turbolinux:turbolinux_appliance:1.0:*:workgroup:*:server:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-0247 (CCN-19378)

    Assigned:2005-02-01
    Published:2005-02-01
    Updated:2017-10-11
    Summary:Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Type:CWE-119
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: postgreSQL Mailing List, Mon, 7 Feb 2005 03:53:36 +0000 (GMT)
    pgsql: Prevent 4 more buffer overruns in the PL/PgSQL parser

    Source: MITRE
    Type: CNA
    CVE-2005-0247

    Source: CCN
    Type: Conectiva Linux Security Announcement CLSA-2005:1008
    Fix for several PostgreSQL vulnerabilities

    Source: CCN
    Type: RHSA-2005-138
    postgresql security update

    Source: CCN
    Type: RHSA-2005-141
    rh-postgresql security update

    Source: CCN
    Type: RHSA-2005-150
    postgresql security update

    Source: CCN
    Type: CIAC Information Bulletin: P-139
    PostgreSQL Vulnerabilities

    Source: DEBIAN
    Type: DSA-683
    postgresql -- buffer overflows

    Source: CCN
    Type: GLSA-200502-19
    PostgreSQL: Buffer overflows in PL/PgSQL parser

    Source: CCN
    Type: postgreSQL Web site
    postgreSQL

    Source: CCN
    Type: BID-12417
    PostgreSQL Multiple Remote Vulnerabilities

    Source: CCN
    Type: TLSA-2005-38
    Multiple vulnerabilities exist in Postgresql

    Source: CCN
    Type: USN-79-1
    PostgreSQL vulnerabilities

    Source: XF
    Type: UNKNOWN
    postgresql-fetch-makefetchstmt-bo(19378)

    Source: SUSE
    Type: SUSE-SA:2005:027
    PostgreSQL: buffer overflow problems

    Source: SUSE
    Type: SUSE-SA:2005:036
    sudo: race condition arbitrary code execution

    Source: SUSE
    Type: SUSE-SR:2005:005
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:006
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:007
    SUSE Security Summary Report

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20050247
    V
    		CVE-2005-0247
    2015-11-16
    oval:org.mitre.oval:def:9345
    V
    		Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
    2013-04-29
    oval:com.redhat.rhsa:def:20050138
    P
    		RHSA-2005:138: postgresql security update (Important)
    2005-02-15
    oval:org.debian:def:683
    V
    		buffer overflows
    2005-02-15
    oval:com.redhat.rhsa:def:20050141
    P
    		RHSA-2005:141: rh-postgresql security update (Important)
    2005-02-14
    BACK
    postgresql postgresql 7.2
    postgresql postgresql 7.2.1
    postgresql postgresql 7.2.2
    postgresql postgresql 7.2.3
    postgresql postgresql 7.2.4
    postgresql postgresql 7.2.5
    postgresql postgresql 7.2.6
    postgresql postgresql 7.2.7
    postgresql postgresql 7.3
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 7.4
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.3
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 8.0.0
    postgresql postgresql 8.0.1
    postgresql postgresql 7.2.1
    postgresql postgresql 7.2.2
    postgresql postgresql 7.2
    postgresql postgresql 7.3
    postgresql postgresql 7.4.3
    postgresql postgresql 7.4
    postgresql postgresql 7.2.3
    postgresql postgresql 7.2.4
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 7.2.5
    postgresql postgresql 7.2.6
    postgresql postgresql 7.2.7
    postgresql postgresql 8.0.0
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 8.0.1
    debian debian linux 3.0
    gentoo linux *
    suse linux enterprise server 8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    redhat enterprise linux 2.1
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    conectiva linux 10
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    suse suse linux 1.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux home *
    turbolinux turbolinux appliance server 1.0_hosting_edition
    turbolinux turbolinux appliance server 1.0_workgroup_edition
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1
    suse suse linux 9.3
    postgresql postgresql 7.2.1
    postgresql postgresql 7.2.2
    postgresql postgresql 7.2
    postgresql postgresql 7.3
    postgresql postgresql 7.4.3
    postgresql postgresql 7.4
    postgresql postgresql 7.2.3
    postgresql postgresql 7.2.4
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 7.2.5
    postgresql postgresql 7.2.6
    postgresql postgresql 7.2.7
    postgresql postgresql 8.0.0
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 8.0.1
    debian debian linux 3.0
    gentoo linux *
    suse linux enterprise server 8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    redhat enterprise linux 2.1
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    conectiva linux 10
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    suse suse linux 1.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux home *
    turbolinux turbolinux appliance server 1.0_hosting_edition
    turbolinux turbolinux appliance server 1.0_workgroup_edition
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1
    suse suse linux 9.3
    postgresql postgresql 7.2.1
    postgresql postgresql 7.2.2
    postgresql postgresql 7.2
    postgresql postgresql 7.3
    postgresql postgresql 7.4.3
    postgresql postgresql 7.4
    postgresql postgresql 7.2.3
    postgresql postgresql 7.2.4
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 7.2.5
    postgresql postgresql 7.2.6
    postgresql postgresql 7.2.7
    postgresql postgresql 8.0.0
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 8.0.1
    debian debian linux 3.0
    gentoo linux *
    suse linux enterprise server 8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    redhat enterprise linux 2.1
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    conectiva linux 10
    microsoft windows 2000 * sp4
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    suse suse linux 1.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux home *
    turbolinux turbolinux appliance server 1.0_hosting_edition
    turbolinux turbolinux appliance server 1.0_workgroup_edition
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1
    suse suse linux 9.3