SB2005050301 - Multiple vulnerabilities in PostgreSQL
Published: May 3, 2005 Updated: June 23, 2025
Description
This security bulletin contains information about 2 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2005-1409)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."
2) Input validation error (CVE-ID: CVE-2005-1410)
The vulnerability allows a local user to perform service disruption.
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments.
Remediation
Install the update from the vendor's website.
References
- http://archives.postgresql.org/pgsql-announce/2005-05/msg00001.php
- http://www.novell.com/linux/security/advisories/2005_36_sudo.html
- http://www.postgresql.org/about/news.315
- http://www.redhat.com/support/errata/RHSA-2005-433.html
- http://www.securityfocus.com/archive/1/426302/30/6680/threaded
- http://www.securityfocus.com/bid/13476
- http://www.vupen.com/english/advisories/2005/0453
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10050
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A676
- http://www.securityfocus.com/bid/13475
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1086
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9343