Vulnerability Name:

CVE-2006-2314 (CCN-26628)

Assigned:2005-05-23
Published:2005-05-23
Updated:2018-10-18
Summary:PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the "\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of "Encoding-Based SQL Injection."
Note: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Data Manipulation
References:Source: SGI
Type: UNKNOWN
20060602-01-U

Source: CCN
Type: BugTraq Mailing List, Tue May 23 2006 - 12:47:42 CDT
PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15

Source: CCN
Type: Full-Disclosure Mailing List, Wed May 24 2006 - 16:05:56 CDT
rPSA-2006-0080-1 postgresql postgresql-server

Source: CCN
Type: pgsql-announce Mailing List, Tue, 23 May 2006 08:30:21 -0700
Security Releases for All Active Versions

Source: MLIST
Type: Patch
[pgsql-announce] 20060523 Security Releases for All Active Versions

Source: MITRE
Type: CNA
CVE-2006-2314

Source: MITRE
Type: CNA
CVE-2006-2824

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:030

Source: CCN
Type: RHSA-2006-0526
postgresql security update

Source: CCN
Type: SA20231
PostgreSQL Encoding-Based SQL Injection Vulnerability

Source: SECUNIA
Type: UNKNOWN
20231

Source: SECUNIA
Type: UNKNOWN
20232

Source: CCN
Type: SA20303
MailManager PostgreSQL Encoding-Based SQL Injection

Source: SECUNIA
Type: UNKNOWN
20314

Source: SECUNIA
Type: UNKNOWN
20435

Source: SECUNIA
Type: UNKNOWN
20451

Source: SECUNIA
Type: UNKNOWN
20503

Source: SECUNIA
Type: UNKNOWN
20555

Source: CCN
Type: SA20653
Avaya Products PostgreSQL Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
20653

Source: SECUNIA
Type: UNKNOWN
20782

Source: SECUNIA
Type: UNKNOWN
21001

Source: SECUNIA
Type: UNKNOWN
21749

Source: GENTOO
Type: UNKNOWN
GLSA-200607-04

Source: CCN
Type: SECTRACK ID: 1016142
PostgreSQL Encoding Processes May Let Remote Users Inject SQL Commands

Source: SECTRACK
Type: UNKNOWN
1016142

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm

Source: CCN
Type: ASA-2006-113
postgresql security update (RHSA-2006-0526)

Source: DEBIAN
Type: UNKNOWN
DSA-1087

Source: DEBIAN
Type: DSA-1087
postgresql -- programming error

Source: CCN
Type: GLSA-200607-04
PostgreSQL: SQL injection

Source: CCN
Type: MailManager Web site
Logicalware Products: MailManager

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:098

Source: SUSE
Type: UNKNOWN
SUSE-SR:2006:021

Source: OSVDB
Type: UNKNOWN
25731

Source: CCN
Type: OSVDB ID: 25731
PostgreSQL Single Quote Escaping Filter Bypass

Source: CCN
Type: PostgreSQL Web site
Technical Information on Encoding-Based SQL Injection Exploit

Source: CONFIRM
Type: UNKNOWN
http://www.postgresql.org/docs/techdocs.50

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0526

Source: BUGTRAQ
Type: UNKNOWN
20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15

Source: BUGTRAQ
Type: UNKNOWN
20060524 rPSA-2006-0080-1 postgresql postgresql-server

Source: BID
Type: UNKNOWN
18092

Source: CCN
Type: BID-18092
PostgreSQL Multibyte Character Encoding SQL Injection Vulnerabilities

Source: TRUSTIX
Type: UNKNOWN
2006-0032

Source: CCN
Type: TLSA-2006-10
SQL injection

Source: CCN
Type: USN-288-1
PostgreSQL server/client vulnerabilities

Source: CCN
Type: USN-288-2
PostgreSQL server/client vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-288-2

Source: CCN
Type: USN-288-3
PostgreSQL client vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-288-3

Source: CCN
Type: USN-288-4
dovecot regression fix

Source: VUPEN
Type: UNKNOWN
ADV-2006-1941

Source: XF
Type: UNKNOWN
postgresql-multibyte-sql-injection(26627)

Source: XF
Type: UNKNOWN
postgresql-ascii-sql-injection(26628)

Source: XF
Type: UNKNOWN
postgresql-ascii-sql-injection(26628)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9947

Source: UBUNTU
Type: UNKNOWN
USN-288-1

Source: SUSE
Type: SUSE-SA:2006:030
PostgreSQL SQL injection attacks

Source: SUSE
Type: SUSE-SR:2006:021
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:9947
    V
    		PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the "\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of "Encoding-Based SQL Injection." NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem.
    2013-04-29
    oval:org.opensuse.security:def:20062314
    V
    		CVE-2006-2314
    2012-08-30
    oval:org.debian:def:1087
    V
    		programming error
    2006-06-03
    oval:com.redhat.rhsa:def:20060526
    P
    		RHSA-2006:0526: postgresql security update (Important)
    2006-05-23
    BACK
    postgresql postgresql 7.3
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 7.3.10
    postgresql postgresql 7.3.11
    postgresql postgresql 7.3.12
    postgresql postgresql 7.3.13
    postgresql postgresql 7.3.14
    postgresql postgresql 7.4
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.3
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 7.4.8
    postgresql postgresql 7.4.9
    postgresql postgresql 7.4.10
    postgresql postgresql 7.4.11
    postgresql postgresql 7.4.12
    postgresql postgresql 8.0
    postgresql postgresql 8.0.1
    postgresql postgresql 8.0.2
    postgresql postgresql 8.0.3
    postgresql postgresql 8.0.4
    postgresql postgresql 8.0.5
    postgresql postgresql 8.0.6
    postgresql postgresql 8.0.7
    postgresql postgresql 8.1
    postgresql postgresql 8.1.1
    postgresql postgresql 8.1.2
    postgresql postgresql 8.1.3
    postgresql postgresql 7.3
    postgresql postgresql 7.4.3
    postgresql postgresql 8.0
    postgresql postgresql 8.1
    postgresql postgresql 7.4
    postgresql postgresql 7.3.1
    postgresql postgresql 7.3.2
    postgresql postgresql 7.3.3
    postgresql postgresql 7.4.1
    postgresql postgresql 7.4.2
    postgresql postgresql 7.4.4
    postgresql postgresql 7.4.5
    postgresql postgresql 7.4.6
    postgresql postgresql 7.4.7
    postgresql postgresql 7.3.4
    postgresql postgresql 7.3.5
    postgresql postgresql 7.3.6
    postgresql postgresql 7.3.7
    postgresql postgresql 7.3.8
    postgresql postgresql 7.3.9
    postgresql postgresql 8.0.1
    postgresql postgresql 8.0.2
    postgresql postgresql 8.0.5
    postgresql postgresql 8.0.4
    postgresql postgresql 8.0.3
    postgresql postgresql 8.1.1
    postgresql postgresql 8.1.2
    postgresql postgresql 8.0.6
    postgresql postgresql 7.4.11
    postgresql postgresql 7.4.10
    postgresql postgresql 7.4.9
    postgresql postgresql 7.4.8
    postgresql postgresql 7.3.13
    postgresql postgresql 7.3.12
    postgresql postgresql 7.3.11
    postgresql postgresql 7.3.10
    postgresql postgresql 8.1.3
    postgresql postgresql 8.0.7
    postgresql postgresql 7.3.14
    postgresql postgresql 7.4.12
    gentoo linux *
    suse linux enterprise server 8
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux 9.1
    redhat enterprise linux 3
    suse suse linux 9.2
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    suse suse linux 10.0
    mandrakesoft mandrake linux 2006
    canonical ubuntu 6.06
    suse suse linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux personal *
    turbolinux turbolinux home *
    turbolinux turbolinux multimedia *
    suse suse linux 9.3