(Conectiva Issues Fix) PostgreSQL Buffer Overflow in pg_to_ascii() May Let Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1008186
|
|
CVE Reference: CAN-2003-0901
(Links to External Site)
|
Date: Nov 14 2003
|
Impact: Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 7.2, 7.3
|
Description: Two buffer overflow vulnerabilities were reported in PostgreSQL. A remote user may be able to execute arbitrary code.
In July 2003, some buffer overflow vulnerabilities were reported in PostgreSQL in the pg_to_ascii() function in 'ascii.c'. A remote user may be able to connect to the database service and execute arbitrary code.
|
Impact: A remote user may be able to execute arbitrary code with the privileges of the postgresql service.
|
Solution: Conectiva has released a fix.
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/postgresql-7.1.3-1U70_4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-7
.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-clients-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-c
lients-X11-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-contrib-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
postgresql-devel-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-devel-static-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.b
r/7.0/RPMS/postgresql-doc-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-lib-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.b
r/7.0/RPMS/postgresql-odbc-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-perl-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com
.br/7.0/RPMS/postgresql-python-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-tcl-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.
com.br/7.0/RPMS/postgresql-test-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/postgresql-7.2.4-1U80_2cl.src.rpm
ftp://atualizacoes.conectiva.com.b
r/8/RPMS/postgresql-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-clients-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/
RPMS/postgresql-clients-X11-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-contrib-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.c
om.br/8/RPMS/postgresql-devel-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-devel-static-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.cone
ctiva.com.br/8/RPMS/postgresql-doc-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-lib-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiv
a.com.br/8/RPMS/postgresql-odbc-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-perl-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.
com.br/8/RPMS/postgresql-python-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-tcl-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.c
om.br/8/RPMS/postgresql-test-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/postgresql-7.3.2-27694U90_1cl.src.rpm
ftp://atualizacoes.conectiva.com.
br/9/RPMS/postgresql-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-charset-addons-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.con
ectiva.com.br/9/RPMS/postgresql-clients-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-contrib-7.3.2-27694U90_1cl.i386.rpm
ftp://atua
lizacoes.conectiva.com.br/9/RPMS/postgresql-devel-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-devel-static-7.3.2-27694U90_1cl.i386.
rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-doc-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-libecpg3.4-7.3.2-27694U9
0_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-libpq3-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-perl-7.3.2
-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-python-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-tc
l-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-test-7.3.2-27694U90_1cl.i386.rpm
|
Vendor URL: www.postgresql.org/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Conectiva)
|
Underlying OS Comments: 7.0, 8, 9
|
Reported By: Conectiva Updates <secure@conectiva.com.br>
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 13 Nov 2003 15:13:19 -0200
From: Conectiva Updates <secure@conectiva.com.br>
Subject: [conectiva-updates] [CLA-2003:784] Conectiva Security Announcement - postgresql
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------
PACKAGE : postgresql
SUMMARY : Buffer overflow vulnerability
DATE : 2003-11-13 14:59:00
ID : CLA-2003:784
RELEVANT
RELEASES : 7.0, 8, 9
- -------------------------------------------------------------------------
DESCRIPTION
PostgreSQL[1] is a sophisticated relational database which supports
almost all SQL constructs, including subselects, transactions and
user-defined types and functions.
Guido Notari reported a buffer overflow vulnerability[2][3] in the
to_ascii() function that could possibly be used by attackers to
execute arbitrary code. This vulnerability was fixed by Tom Lane who,
later on, according to CVS changelogs[4], found another buffer
overflow problem in the same function which was also fixed.
SOLUTION
It is recommended that all PostgreSQL users upgrade their packages.
After the upgrade, it is necessary to manually restart the postgresql
service if it was already running. To do so, run the following
command as root:
/sbin/service postgresql restart
REFERENCES
1.http://www.postgresql.com/
2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0901
3.http://www.securityfocus.com/bid/8741
4.http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/ascii.c
UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/postgresql-7.1.3-1U70_4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-clients-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-clients-X11-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-contrib-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-devel-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-devel-static-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-doc-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-lib-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-odbc-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-perl-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-python-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-tcl-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-test-7.1.3-1U70_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/postgresql-7.2.4-1U80_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-clients-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-clients-X11-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-contrib-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-devel-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-devel-static-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-doc-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-lib-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-odbc-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-perl-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-python-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-tcl-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-test-7.2.4-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/postgresql-7.3.2-27694U90_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-charset-addons-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-clients-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-contrib-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-devel-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-devel-static-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-doc-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-libecpg3.4-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-libpq3-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-perl-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-python-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-tcl-7.3.2-27694U90_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/postgresql-test-7.3.2-27694U90_1cl.i386.rpm
ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:
- run: apt-get update
- after that, execute: apt-get upgrade
Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en
- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en
- -------------------------------------------------------------------------
Copyright (c) 2003 Conectiva Inc.
http://www.conectiva.com
- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE/s7uu42jd0JmAcZARAnmkAKC0x4e7DRL+eaFCBBzdf/HRpXoCEACdHj0L
D1YG9i62q9TrQR3dfdCEtkU=
=iyfY
-----END PGP SIGNATURE-----
|
|
