Red Hat Bugzilla – Bug 522092
CVE-2009-3229 postgresql: authenticated user server DoS via plugin re-LOAD-ing
Last modified: 2010-03-29 06:02:51 EDT
Quoting upstream PostgreSQL security page:
Authenticated non-superusers can shut down the backend server by
re-LOAD-ing libraries in $libdir/plugins, if any libraries are present
Affected versions: 8.4, 8.3, 8.2
Fixed in versions: 8.4.1, 8.3.8, 8.2.14
Severity: D - A vulnerability that is exploitable for denial-of-service, but requiring a valid prior login.
postgresql-8.3.8-1.fc11 has been submitted as an update for Fedora 11.
postgresql-8.3.8-1.fc10 has been submitted as an update for Fedora 10.
The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw.
The LOAD support in PostgreSQL changed in version 8.2 where non-superuser users can use LOAD to load modules in the plugins subdirectory (prior to 8.2 this feature was only available to superusers). As a result, if a plugin causes a crash in pre-8.2 versions, it was not considered a security hole since only the database administrator could cause the crash, not just any user.
This also only causes a momentary denial of service during crash recovery. As well, Red Hat does not ship any plugins by default.
postgresql-8.3.8-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
postgresql-8.3.8-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
MITRE's CVE-2009-3229 record:
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before
8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to
cause a denial of service (backend shutdown) by "re-LOAD-ing"
libraries from a certain plugins directory.
This issue has been addressed in following products:
Red Hat Web Application Stack for RHEL 5
Via RHSA-2009:1461 https://rhn.redhat.com/errata/RHSA-2009-1461.html