Bug 522085 (CVE-2009-3230)
Summary: | CVE-2009-3230 postgresql: SQL privilege escalation, incomplete fix for CVE-2007-6600 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | devrim, jlieskov, kaigai, kreilly, kseifried, kvolny, ldimaggi, pasteur, tgl, vdanen |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-10-25 18:51:04 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 522222, 525282, 525283, 525284, 525285, 525322, 812238 | ||
Bug Blocks: |
Description
Tomas Hoger
2009-09-09 13:10:30 UTC
The above is incorrect --- the related prior CVE is CVE-2007-6600. CVE-2007-6600 was bug #427127 https://www.redhat.com/security/data/cve/CVE-2007-6600.html Is upstream already correcting this? (In reply to comment #2) > Is upstream already correcting this? http://archives.postgresql.org/pgsql-www/2009-09/msg00023.php I'm told it is fixed, just hasn't propagated yet. postgresql-8.3.8-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/postgresql-8.3.8-1.fc11 postgresql-8.3.8-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/postgresql-8.3.8-1.fc10 *** Bug 522822 has been marked as a duplicate of this bug. *** postgresql-8.3.8-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. postgresql-8.3.8-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. MITRE's CVE-2009-3230 record: ----------------------------- The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600. References: ----------- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3230 http://archives.postgresql.org/pgsql-www/2009-09/msg00024.php http://www.postgresql.org/docs/8.3/static/release-8-3-8.html http://www.postgresql.org/support/security.html https://bugzilla.redhat.com/show_bug.cgi?id=522085 https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.html https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.html http://www.securityfocus.com/bid/36314 http://secunia.com/advisories/36660 http://secunia.com/advisories/36695 http://secunia.com/advisories/36727 http://www.vupen.com/english/advisories/2009/2602 This issue has been addressed in following products: Red Hat Web Application Stack for RHEL 5 Via RHSA-2009:1461 https://rhn.redhat.com/errata/RHSA-2009-1461.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2009:1484 https://rhn.redhat.com/errata/RHSA-2009-1484.html This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1485 https://rhn.redhat.com/errata/RHSA-2009-1485.html This issue has been addressed in the following RHSAs: Red Hat Application Stack v2 for Enterprise Linux (v.5) RHSA-2009:1461 Red Hat Enterprise Linux version 4 (postgresql) RHSA-2009:1484 Red Hat Enterprise Linux version 5 (postgresql) RHSA-2009:1484 Red Hat Enterprise Linux version 3 (rh-postgresql) RHSA-2009:1485 |