drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in postgresql
Name: |
Ausführen beliebiger Kommandos in postgresql |
|
ID: |
TLSA-2006-10 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Mi, 2. August 2006, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2314 |
|
Applikationen: |
PostgreSQL |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2006-10 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 06 Jul 2006 Last revised: 19 Jul 2006
Package: postgresql
Summary: SQL injection
More information: PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs SQL injection vulnerabilities exist in postgresql.
Impact: This vulnerability may allow remote attackers to execute arbitrary code.
Affected Products: - Turbolinux Appliance Server 2.0 - Turbolinux 10 Server x64 Edition - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition - Turbolinux 10 Server - Turbolinux Home - Turbolinux 10 F... - Turbolinux 10 Desktop - Turbolinux Multimedia - Turbolinux Personal - Turbolinux 8 Server - Turbolinux 8 Workstation - Turbolinux 7 Server
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
postgresql-7.4.13-2.src.rpm 14254469 9e27e1a0a810f96f0c31fe558e495851
Binary Packages Size: MD5
postgresql-7.4.13-2.i586.rpm 1318151 54534e205d9fdbfde24c1ab11268b571 postgresql-contrib-7.4.13-2.i586.rpm 3746452 9d8ab59ed796eb4e354c4b6c761e6354 postgresql-devel-7.4.13-2.i586.rpm 859568 a247e45ce88c81032b0996be732917e4 postgresql-jdbc-7.4.13-2.i586.rpm 695640 db43fa65f85f0eb24c775bc17e3e16e6 postgresql-libs-7.4.13-2.i586.rpm 123345 3b62a1dcec1cad0fc1bb2c31eca16029 postgresql-odbc-7.4.13-2.i586.rpm 138554 ebe4d9f2f7bfc16abb641d18f517c447 postgresql-perl-7.4.13-2.i586.rpm 610544 63e3096b6f2a6adf35b19b590eb3e804 postgresql-python-7.4.13-2.i586.rpm 414262 25534a9fb50a377974bc2c54dbcf477b postgresql-server-7.4.13-2.i586.rpm 2448243 4800e31be1ae66ec2bb0e522bf30be39 postgresql-tcl-7.4.13-2.i586.rpm 52610 8a8983b11fda467af813a055d4416ae2 postgresql-tk-7.4.13-2.i586.rpm 23909 d19617520ee18d5051a8b07abc52a46c
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
postgresql-8.0.8-1.src.rpm 15668650 af1618c27a36559f778d5aaf671c2d62
Binary Packages Size: MD5
postgresql-8.0.8-1.x86_64.rpm 617615 979a609a57e49c768524a50375b8a51c postgresql-contrib-8.0.8-1.x86_64.rpm 4503530 fb6a71a925bb7a2098a26d18517a28b0 postgresql-devel-8.0.8-1.x86_64.rpm 674820 8103d2aca09a80e672783f8aa60b2760 postgresql-docs-8.0.8-1.x86_64.rpm 1261098 f887c18413c52690a7de0e57f23f6ede postgresql-jdbc-8.0.8-1.x86_64.rpm 869728 707b5954d425d0e32a0af8058c53b4b3 postgresql-libs-8.0.8-1.x86_64.rpm 2825052 973d697ed5b6a5b140f654358e59638d postgresql-odbc-8.0.8-1.x86_64.rpm 170773 20563ff9bf77e188de767e38832cf080 postgresql-perl-8.0.8-1.x86_64.rpm 624905 61a01e0b820e6696958fecb070ee08f5 postgresql-python-8.0.8-1.x86_64.rpm 469431 cf39ad358a3b9b72b8ff485158978fca postgresql-server-8.0.8-1.x86_64.rpm 2906933 e2a312f1e8d51faad136d366b00ba112 postgresql-tcl-8.0.8-1.x86_64.rpm 39506 c56c58f3417654f8ad15ec03599f08ba postgresql-test-8.0.8-1.x86_64.rpm 998923 bda957d1ff9593b3a7a3a3ea7e519497 postgresql-tk-8.0.8-1.x86_64.rpm 20505 1dbaf0a0871a43406c49ca29930cd6cc
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
postgresql-7.2.2-10.src.rpm 9631536 bb8152f54807f4c317d9c3992fd2bb35
Binary Packages Size: MD5
postgresql-7.2.2-10.i586.rpm 1072564 3602832347753547bfc3326121de5d59 postgresql-contrib-7.2.2-10.i586.rpm 985956 de68a62d55c366e8db824c363008725d postgresql-devel-7.2.2-10.i586.rpm 581724 fa1d883fc5b0aa7a059d3ca7eef42963 postgresql-docs-7.2.2-10.i586.rpm 947247 7387230700e9540d4ee9bedb22aaa74f postgresql-jdbc-7.2.2-10.i586.rpm 378903 eb4128125b3648d66abbba5dff3bdd72 postgresql-libs-7.2.2-10.i586.rpm 88407 a3539467650138f886c3bff0c6388b97 postgresql-odbc-7.2.2-10.i586.rpm 109977 0fa4412c2606a404e42bd2a45f1011b6 postgresql-perl-7.2.2-10.i586.rpm 59735 4f1095daddfca20f92e1d6d633e14b47 postgresql-python-7.2.2-10.i586.rpm 67435 db3f95f75bf30ef8e8702ec52ad55846 postgresql-server-7.2.2-10.i586.rpm 1392185 05eeed87d7490e37bb59ca0a751933b3 postgresql-test-7.2.2-10.i586.rpm 864015 593650c751f503af10caed2a44cfa700
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
postgresql-7.2.2-10.src.rpm 9631536 35c3c38ae67fba8a3eb2676d8b363772
Binary Packages Size: MD5
postgresql-7.2.2-10.i586.rpm 1072151 5915157585c95f532cc86b22d43ddefb postgresql-contrib-7.2.2-10.i586.rpm 985989 127492d81e7b0b6d3dba75640802be73 postgresql-devel-7.2.2-10.i586.rpm 581843 f3881f7ce63cf07b17cb2de5acb2704b postgresql-docs-7.2.2-10.i586.rpm 947404 8e0afb9aa636d8a2f80a506d2d603799 postgresql-jdbc-7.2.2-10.i586.rpm 378857 d6ab62de5f45c2ce957a4f0b4ac101bd postgresql-libs-7.2.2-10.i586.rpm 88620 12f36e44f8fcb52a792bf1153f994e33 postgresql-odbc-7.2.2-10.i586.rpm 110106 58bfcfe54079ce9bd05459c491fff518 postgresql-perl-7.2.2-10.i586.rpm 59938 5e19ca1b59711933b84e220a59fa5600 postgresql-python-7.2.2-10.i586.rpm 67684 8ae8abb890c1ff3f508c3c790bb4f385 postgresql-server-7.2.2-10.i586.rpm 1392280 b2a760c5ab6be20bde6d77a8df8f5f77 postgresql-test-7.2.2-10.i586.rpm 864138 21765ec19484ea9243c820a03a154b33
<Turbolinux 10 Server>
Source Packages Size: MD5
postgresql-7.4.13-2.src.rpm 14254469 9e27e1a0a810f96f0c31fe558e495851
Binary Packages Size: MD5
postgresql-7.4.13-2.i586.rpm 1318151 54534e205d9fdbfde24c1ab11268b571 postgresql-contrib-7.4.13-2.i586.rpm 3746452 9d8ab59ed796eb4e354c4b6c761e6354 postgresql-devel-7.4.13-2.i586.rpm 859568 a247e45ce88c81032b0996be732917e4 postgresql-jdbc-7.4.13-2.i586.rpm 695640 db43fa65f85f0eb24c775bc17e3e16e6 postgresql-libs-7.4.13-2.i586.rpm 123345 3b62a1dcec1cad0fc1bb2c31eca16029 postgresql-odbc-7.4.13-2.i586.rpm 138554 ebe4d9f2f7bfc16abb641d18f517c447 postgresql-perl-7.4.13-2.i586.rpm 610544 63e3096b6f2a6adf35b19b590eb3e804 postgresql-python-7.4.13-2.i586.rpm 414262 25534a9fb50a377974bc2c54dbcf477b postgresql-server-7.4.13-2.i586.rpm 2448243 4800e31be1ae66ec2bb0e522bf30be39 postgresql-tcl-7.4.13-2.i586.rpm 52610 8a8983b11fda467af813a055d4416ae2 postgresql-tk-7.4.13-2.i586.rpm 23909 d19617520ee18d5051a8b07abc52a46c
<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>
Source Packages Size: MD5
postgresql-7.3-17.src.rpm 11300509 11424336ffed468bb2c04aa513412976
Binary Packages Size: MD5
postgresql-7.3-17.i586.rpm 1227593 42c8c01d3b8f932a430fae5540558926 postgresql-contrib-7.3-17.i586.rpm 687639 bf154c2f686efb3b391b1b293a9c32ee postgresql-devel-7.3-17.i586.rpm 576187 659e2f5bf90fc06f188745ab83253363 postgresql-docs-7.3-17.i586.rpm 1075693 9c3e0e90733da127a7abff38b05f1f75 postgresql-libs-7.3-17.i586.rpm 117658 46d5bc3764c087fb787d39b56801c72f postgresql-odbc-7.3-17.i586.rpm 131937 746d092e750f6c199db71d3775134e29 postgresql-perl-7.3-17.i586.rpm 3019812 95bed709a124bac33299f128f49a4346 postgresql-python-7.3-17.i586.rpm 58683 0241f57837e2a78374cc2ad5b021e803 postgresql-server-7.3-17.i586.rpm 2271522 04ea68d9100e6ec01a4cc54c25cbcd89 postgresql-tcl-7.3-17.i586.rpm 50195 c0db0241dfdca3b33ad0a9cd584e9ee2 postgresql-test-7.3-17.i586.rpm 908815 81d6227678957302ab5db8f2dce54df5 postgresql-tk-7.3-17.i586.rpm 22538 650282c02090db085d420a82c307b2d9
<Turbolinux 8 Server>
Source Packages Size: MD5
postgresql-7.2.2-10.src.rpm 9631536 0377b564d6965eb45af93a6c48c08ff2
Binary Packages Size: MD5
postgresql-7.2.2-10.i586.rpm 1073235 4c116f2e5c3a0db84910302bddd97785 postgresql-contrib-7.2.2-10.i586.rpm 988332 18b10e8a26fd0694684d5607721b77c7 postgresql-devel-7.2.2-10.i586.rpm 582286 63704b26879a52de84c928de2ac82713 postgresql-docs-7.2.2-10.i586.rpm 948016 6706a9b4a015372ff1576ab5c7be4eff postgresql-jdbc-7.2.2-10.i586.rpm 378854 f45ef678d18a680920a7fdeb0e98d097 postgresql-libs-7.2.2-10.i586.rpm 88607 179e3b0723b2e8376e41dbd7484ab463 postgresql-odbc-7.2.2-10.i586.rpm 110139 137e7e9b8a79fd3ddff57e543ea4b46c postgresql-perl-7.2.2-10.i586.rpm 59921 604980bc99ff7f15bc9effc53544a864 postgresql-python-7.2.2-10.i586.rpm 67697 21d1048b078f66ab53fe22fc0f045302 postgresql-server-7.2.2-10.i586.rpm 1393113 9594705e4755e81c013c7ae6dd4dec00 postgresql-tcl-7.2.2-10.i586.rpm 51030 5363bee41665673e75f372230c0360d5 postgresql-test-7.2.2-10.i586.rpm 863936 0aa85e61f5b40480a7bd80e0684fd4d8 postgresql-tk-7.2.2-10.i586.rpm 424942 7bd967e1f18f4f76809f04ba08bf9b92
<Turbolinux 8 Workstation>
Source Packages Size: MD5
postgresql-7.2.2-10.src.rpm 9631536 b81febed0e0db59b0a23fa90fde4ecaa
Binary Packages Size: MD5
postgresql-7.2.2-10.i586.rpm 1072189 43184dea34fa216d90a53c07bc572284 postgresql-contrib-7.2.2-10.i586.rpm 988367 7313714d991c29289a2049d5ae22a62f postgresql-devel-7.2.2-10.i586.rpm 581811 7c23847da229d6d2f286adb92175351d postgresql-docs-7.2.2-10.i586.rpm 947568 47eff49cc1af3cbe4d83d5da43243476 postgresql-jdbc-7.2.2-10.i586.rpm 378933 03fca297f38e995c85abb40f38274817 postgresql-libs-7.2.2-10.i586.rpm 88622 b0e1cdabb33f70ab6c1187e7e5bb21dc postgresql-odbc-7.2.2-10.i586.rpm 110107 6dc04b6b218bd0e4fc49472d34dc3245 postgresql-perl-7.2.2-10.i586.rpm 59954 228668202114f9c7d100a80d8ac2dd8e postgresql-python-7.2.2-10.i586.rpm 67609 c02b5b5ee8880e0d5f7d8b54b2718391 postgresql-server-7.2.2-10.i586.rpm 1393047 3f3cbf468073aa196120aaaa8e3406b1 postgresql-tcl-7.2.2-10.i586.rpm 51035 29d2f93769957e4c7a8367da157630e9 postgresql-test-7.2.2-10.i586.rpm 864031 6ec443b6a368f41bc4f5748ac83330f9 postgresql-tk-7.2.2-10.i586.rpm 424709 f770f6605a1cf4ceb1ea5d90314b4fba
<Turbolinux 7 Server>
Source Packages Size: MD5
postgresql-7.2.2-10.src.rpm 9631536 eb52d5c6b6741764977db8c9dd6fea54
Binary Packages Size: MD5
postgresql-7.2.2-10.i586.rpm 1067800 c6f782f107fc7c89e7a08b25e9c1db10 postgresql-contrib-7.2.2-10.i586.rpm 979697 de7ee22e84cc386dc8bd74b2d1d9443a postgresql-devel-7.2.2-10.i586.rpm 570132 9e535676b72541f772d991cfe701cf1c postgresql-docs-7.2.2-10.i586.rpm 947474 c118f57ea7258f662bdc2ebe26ff69e4 postgresql-jdbc-7.2.2-10.i586.rpm 378899 3e8795d2df8a1110209e1f045c5d95ce postgresql-libs-7.2.2-10.i586.rpm 86656 85f0b423e52ce1ef397e96be49e1262b postgresql-odbc-7.2.2-10.i586.rpm 107779 dded3165c8a33872db0b552dfe3e262f postgresql-perl-7.2.2-10.i586.rpm 87689 fbb55c775e2041463e1e5673de99a5f5 postgresql-python-7.2.2-10.i586.rpm 66730 fe60862c571dea83bcfe1c2924993938 postgresql-server-7.2.2-10.i586.rpm 1368949 6fdf8d2798fae5da3a5e59a711ec86e0 postgresql-tcl-7.2.2-10.i586.rpm 51373 a27f83aca091afe00d1380ef7ac6f801 postgresql-test-7.2.2-10.i586.rpm 863693 c0e9586245ab578f37d150880475926b postgresql-tk-7.2.2-10.i586.rpm 424756 6615027ebcd1663a16df463dda89f7c8
References:
CVE [CAN-2006-2313] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2313 [CAN-2006-2314] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2314
-------------------------------------------------------------------------- Revision History 06 Jul 2006 Initial release 19 Jul 2006 Added Turbolinux Appliance Server 2.0, Turbolinux 10 Server x64 Edition Turbolinux 10 Server, Turbolinux 10 Desktop --------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFEveviK0LzjOqIJMwRAieEAJ9KL6+c8EgQyABiwf6ZfTmwIwbLcQCgrGd+ otOTEEMTXr+SygnQtmf8Wss= =1jBC -----END PGP SIGNATURE-----
|
|
|
|