Rapid7 Vulnerability & Exploit Database

RHSA-2003:001: Updated PostgreSQL packages fix security issues and bugs

Back to Search

RHSA-2003:001: Updated PostgreSQL packages fix security issues and bugs

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
01/17/2003
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated PostgreSQL packages are available for Red Hat Linux 7.3 and 8.0. These packages correct several security and other bugs. A separate advisory deals with updated PostgreSQL packages for Red Hat Linux 6.2, 7, 7.1, and 7.2.

PostgreSQL is an advanced Object-Relational database management system. Red Hat Linux 7.3 shipped with PostgreSQL version 7.2.1. Red Hat Linux 8.0 shipped with PostgreSQL version 7.2.2. PostgreSQL versions 7.2.1 and 7.2.2 contain a serious issue with the VACUUM command when it is run by a non-superuser. It is possible for the system to prematurely remove old transaction log data (pg_clog files), which can result in unrecoverable data loss. A number of minor security issues affect the PostgreSQL 7.2.1 packages shipped with Red Hat Linux 7.3 only: 1. Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the lpad or rpad functions. CAN-2002-0972 2. Buffer overflow in the cash_words() function allows local users to cause a denial of service and possibly execute arbitrary code via a malformed argument. CAN-2002-1397 3. Buffer overflow in the date parser allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, also known as a vulnerability "in handling long datetime input." CAN-2002-1398 4. Heap-based buffer overflow in the repeat() function allows attackers to execute arbitrary code by causing repeat() to generate a large string. CAN-2002-1400 5. Buffer overflows in the TZ and SET TIME ZONE enivronment variables allow local users to cause a denial of service and possibly execute arbitrary code. CAN-2002-1402 Additionally, buffer overflows in circle_poly, path_encode and path_add allow attackers to cause a denial of service and possibly execute arbitrary code. Note that these overflows have been fixed in our erratum packages and in PostgreSQL CVS, but are not fixed in the released versions of PostgreSQL version 7.2.3. CAN-2002-1401 The above vulnerabilities are only critical on open or shared systems because connecting to the database is required before the vulnerabilities can be exploited. This update also contains fixes for several other PostgreSQL bugs, including handling of pre-1970 date values in newer versions of glibc, possible server shutdown hangs, spinlock hangs on SMP PPC machines, and pg_dump improperly dumping with the FULL JOIN USING clauses. All users of PostgreSQL should upgrade to these errata packages containing PostgreSQL 7.2.3 with additional patches to correct all these issues. Note that running initdb is not necessary when upgrading from 7.2.1 or 7.2.2 to the packages contained in this errata.

Solution(s)

  • redhat-upgrade-postgresql
  • redhat-upgrade-postgresql-contrib
  • redhat-upgrade-postgresql-devel
  • redhat-upgrade-postgresql-docs
  • redhat-upgrade-postgresql-jdbc
  • redhat-upgrade-postgresql-libs
  • redhat-upgrade-postgresql-odbc
  • redhat-upgrade-postgresql-perl
  • redhat-upgrade-postgresql-python
  • redhat-upgrade-postgresql-server
  • redhat-upgrade-postgresql-tcl
  • redhat-upgrade-postgresql-test
  • redhat-upgrade-postgresql-tk

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;