Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in postgresql
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in postgresql
ID: TLSA-2006-10
Distribution: TurboLinux
Plattformen: Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux 7 Server, Turbolinux 8 Server, Turbolinux 8 Workstation, Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition
Datum: Mi, 2. August 2006, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2314
Applikationen: PostgreSQL

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2006-10
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 06 Jul 2006
Last revised: 19 Jul 2006

Package: postgresql

Summary: SQL injection

More information:
PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs
SQL injection vulnerabilities exist in postgresql.

Impact:
This vulnerability may allow remote attackers to execute arbitrary code.

Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server


<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

postgresql-7.4.13-2.src.rpm
14254469 9e27e1a0a810f96f0c31fe558e495851

Binary Packages
Size: MD5

postgresql-7.4.13-2.i586.rpm
1318151 54534e205d9fdbfde24c1ab11268b571
postgresql-contrib-7.4.13-2.i586.rpm
3746452 9d8ab59ed796eb4e354c4b6c761e6354
postgresql-devel-7.4.13-2.i586.rpm
859568 a247e45ce88c81032b0996be732917e4
postgresql-jdbc-7.4.13-2.i586.rpm
695640 db43fa65f85f0eb24c775bc17e3e16e6
postgresql-libs-7.4.13-2.i586.rpm
123345 3b62a1dcec1cad0fc1bb2c31eca16029
postgresql-odbc-7.4.13-2.i586.rpm
138554 ebe4d9f2f7bfc16abb641d18f517c447
postgresql-perl-7.4.13-2.i586.rpm
610544 63e3096b6f2a6adf35b19b590eb3e804
postgresql-python-7.4.13-2.i586.rpm
414262 25534a9fb50a377974bc2c54dbcf477b
postgresql-server-7.4.13-2.i586.rpm
2448243 4800e31be1ae66ec2bb0e522bf30be39
postgresql-tcl-7.4.13-2.i586.rpm
52610 8a8983b11fda467af813a055d4416ae2
postgresql-tk-7.4.13-2.i586.rpm
23909 d19617520ee18d5051a8b07abc52a46c

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

postgresql-8.0.8-1.src.rpm
15668650 af1618c27a36559f778d5aaf671c2d62

Binary Packages
Size: MD5

postgresql-8.0.8-1.x86_64.rpm
617615 979a609a57e49c768524a50375b8a51c
postgresql-contrib-8.0.8-1.x86_64.rpm
4503530 fb6a71a925bb7a2098a26d18517a28b0
postgresql-devel-8.0.8-1.x86_64.rpm
674820 8103d2aca09a80e672783f8aa60b2760
postgresql-docs-8.0.8-1.x86_64.rpm
1261098 f887c18413c52690a7de0e57f23f6ede
postgresql-jdbc-8.0.8-1.x86_64.rpm
869728 707b5954d425d0e32a0af8058c53b4b3
postgresql-libs-8.0.8-1.x86_64.rpm
2825052 973d697ed5b6a5b140f654358e59638d
postgresql-odbc-8.0.8-1.x86_64.rpm
170773 20563ff9bf77e188de767e38832cf080
postgresql-perl-8.0.8-1.x86_64.rpm
624905 61a01e0b820e6696958fecb070ee08f5
postgresql-python-8.0.8-1.x86_64.rpm
469431 cf39ad358a3b9b72b8ff485158978fca
postgresql-server-8.0.8-1.x86_64.rpm
2906933 e2a312f1e8d51faad136d366b00ba112
postgresql-tcl-8.0.8-1.x86_64.rpm
39506 c56c58f3417654f8ad15ec03599f08ba
postgresql-test-8.0.8-1.x86_64.rpm
998923 bda957d1ff9593b3a7a3a3ea7e519497
postgresql-tk-8.0.8-1.x86_64.rpm
20505 1dbaf0a0871a43406c49ca29930cd6cc

<Turbolinux Appliance Server 1.0 Hosting Edition>

Source Packages
Size: MD5

postgresql-7.2.2-10.src.rpm
9631536 bb8152f54807f4c317d9c3992fd2bb35

Binary Packages
Size: MD5

postgresql-7.2.2-10.i586.rpm
1072564 3602832347753547bfc3326121de5d59
postgresql-contrib-7.2.2-10.i586.rpm
985956 de68a62d55c366e8db824c363008725d
postgresql-devel-7.2.2-10.i586.rpm
581724 fa1d883fc5b0aa7a059d3ca7eef42963
postgresql-docs-7.2.2-10.i586.rpm
947247 7387230700e9540d4ee9bedb22aaa74f
postgresql-jdbc-7.2.2-10.i586.rpm
378903 eb4128125b3648d66abbba5dff3bdd72
postgresql-libs-7.2.2-10.i586.rpm
88407 a3539467650138f886c3bff0c6388b97
postgresql-odbc-7.2.2-10.i586.rpm
109977 0fa4412c2606a404e42bd2a45f1011b6
postgresql-perl-7.2.2-10.i586.rpm
59735 4f1095daddfca20f92e1d6d633e14b47
postgresql-python-7.2.2-10.i586.rpm
67435 db3f95f75bf30ef8e8702ec52ad55846
postgresql-server-7.2.2-10.i586.rpm
1392185 05eeed87d7490e37bb59ca0a751933b3
postgresql-test-7.2.2-10.i586.rpm
864015 593650c751f503af10caed2a44cfa700

<Turbolinux Appliance Server 1.0 Workgroup Edition>

Source Packages
Size: MD5

postgresql-7.2.2-10.src.rpm
9631536 35c3c38ae67fba8a3eb2676d8b363772

Binary Packages
Size: MD5

postgresql-7.2.2-10.i586.rpm
1072151 5915157585c95f532cc86b22d43ddefb
postgresql-contrib-7.2.2-10.i586.rpm
985989 127492d81e7b0b6d3dba75640802be73
postgresql-devel-7.2.2-10.i586.rpm
581843 f3881f7ce63cf07b17cb2de5acb2704b
postgresql-docs-7.2.2-10.i586.rpm
947404 8e0afb9aa636d8a2f80a506d2d603799
postgresql-jdbc-7.2.2-10.i586.rpm
378857 d6ab62de5f45c2ce957a4f0b4ac101bd
postgresql-libs-7.2.2-10.i586.rpm
88620 12f36e44f8fcb52a792bf1153f994e33
postgresql-odbc-7.2.2-10.i586.rpm
110106 58bfcfe54079ce9bd05459c491fff518
postgresql-perl-7.2.2-10.i586.rpm
59938 5e19ca1b59711933b84e220a59fa5600
postgresql-python-7.2.2-10.i586.rpm
67684 8ae8abb890c1ff3f508c3c790bb4f385
postgresql-server-7.2.2-10.i586.rpm
1392280 b2a760c5ab6be20bde6d77a8df8f5f77
postgresql-test-7.2.2-10.i586.rpm
864138 21765ec19484ea9243c820a03a154b33

<Turbolinux 10 Server>

Source Packages
Size: MD5

postgresql-7.4.13-2.src.rpm
14254469 9e27e1a0a810f96f0c31fe558e495851

Binary Packages
Size: MD5

postgresql-7.4.13-2.i586.rpm
1318151 54534e205d9fdbfde24c1ab11268b571
postgresql-contrib-7.4.13-2.i586.rpm
3746452 9d8ab59ed796eb4e354c4b6c761e6354
postgresql-devel-7.4.13-2.i586.rpm
859568 a247e45ce88c81032b0996be732917e4
postgresql-jdbc-7.4.13-2.i586.rpm
695640 db43fa65f85f0eb24c775bc17e3e16e6
postgresql-libs-7.4.13-2.i586.rpm
123345 3b62a1dcec1cad0fc1bb2c31eca16029
postgresql-odbc-7.4.13-2.i586.rpm
138554 ebe4d9f2f7bfc16abb641d18f517c447
postgresql-perl-7.4.13-2.i586.rpm
610544 63e3096b6f2a6adf35b19b590eb3e804
postgresql-python-7.4.13-2.i586.rpm
414262 25534a9fb50a377974bc2c54dbcf477b
postgresql-server-7.4.13-2.i586.rpm
2448243 4800e31be1ae66ec2bb0e522bf30be39
postgresql-tcl-7.4.13-2.i586.rpm
52610 8a8983b11fda467af813a055d4416ae2
postgresql-tk-7.4.13-2.i586.rpm
23909 d19617520ee18d5051a8b07abc52a46c

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
Multimedia, Turbolinux Personal>

Source Packages
Size: MD5

postgresql-7.3-17.src.rpm
11300509 11424336ffed468bb2c04aa513412976

Binary Packages
Size: MD5

postgresql-7.3-17.i586.rpm
1227593 42c8c01d3b8f932a430fae5540558926
postgresql-contrib-7.3-17.i586.rpm
687639 bf154c2f686efb3b391b1b293a9c32ee
postgresql-devel-7.3-17.i586.rpm
576187 659e2f5bf90fc06f188745ab83253363
postgresql-docs-7.3-17.i586.rpm
1075693 9c3e0e90733da127a7abff38b05f1f75
postgresql-libs-7.3-17.i586.rpm
117658 46d5bc3764c087fb787d39b56801c72f
postgresql-odbc-7.3-17.i586.rpm
131937 746d092e750f6c199db71d3775134e29
postgresql-perl-7.3-17.i586.rpm
3019812 95bed709a124bac33299f128f49a4346
postgresql-python-7.3-17.i586.rpm
58683 0241f57837e2a78374cc2ad5b021e803
postgresql-server-7.3-17.i586.rpm
2271522 04ea68d9100e6ec01a4cc54c25cbcd89
postgresql-tcl-7.3-17.i586.rpm
50195 c0db0241dfdca3b33ad0a9cd584e9ee2
postgresql-test-7.3-17.i586.rpm
908815 81d6227678957302ab5db8f2dce54df5
postgresql-tk-7.3-17.i586.rpm
22538 650282c02090db085d420a82c307b2d9

<Turbolinux 8 Server>

Source Packages
Size: MD5

postgresql-7.2.2-10.src.rpm
9631536 0377b564d6965eb45af93a6c48c08ff2

Binary Packages
Size: MD5

postgresql-7.2.2-10.i586.rpm
1073235 4c116f2e5c3a0db84910302bddd97785
postgresql-contrib-7.2.2-10.i586.rpm
988332 18b10e8a26fd0694684d5607721b77c7
postgresql-devel-7.2.2-10.i586.rpm
582286 63704b26879a52de84c928de2ac82713
postgresql-docs-7.2.2-10.i586.rpm
948016 6706a9b4a015372ff1576ab5c7be4eff
postgresql-jdbc-7.2.2-10.i586.rpm
378854 f45ef678d18a680920a7fdeb0e98d097
postgresql-libs-7.2.2-10.i586.rpm
88607 179e3b0723b2e8376e41dbd7484ab463
postgresql-odbc-7.2.2-10.i586.rpm
110139 137e7e9b8a79fd3ddff57e543ea4b46c
postgresql-perl-7.2.2-10.i586.rpm
59921 604980bc99ff7f15bc9effc53544a864
postgresql-python-7.2.2-10.i586.rpm
67697 21d1048b078f66ab53fe22fc0f045302
postgresql-server-7.2.2-10.i586.rpm
1393113 9594705e4755e81c013c7ae6dd4dec00
postgresql-tcl-7.2.2-10.i586.rpm
51030 5363bee41665673e75f372230c0360d5
postgresql-test-7.2.2-10.i586.rpm
863936 0aa85e61f5b40480a7bd80e0684fd4d8
postgresql-tk-7.2.2-10.i586.rpm
424942 7bd967e1f18f4f76809f04ba08bf9b92

<Turbolinux 8 Workstation>

Source Packages
Size: MD5

postgresql-7.2.2-10.src.rpm
9631536 b81febed0e0db59b0a23fa90fde4ecaa

Binary Packages
Size: MD5

postgresql-7.2.2-10.i586.rpm
1072189 43184dea34fa216d90a53c07bc572284
postgresql-contrib-7.2.2-10.i586.rpm
988367 7313714d991c29289a2049d5ae22a62f
postgresql-devel-7.2.2-10.i586.rpm
581811 7c23847da229d6d2f286adb92175351d
postgresql-docs-7.2.2-10.i586.rpm
947568 47eff49cc1af3cbe4d83d5da43243476
postgresql-jdbc-7.2.2-10.i586.rpm
378933 03fca297f38e995c85abb40f38274817
postgresql-libs-7.2.2-10.i586.rpm
88622 b0e1cdabb33f70ab6c1187e7e5bb21dc
postgresql-odbc-7.2.2-10.i586.rpm
110107 6dc04b6b218bd0e4fc49472d34dc3245
postgresql-perl-7.2.2-10.i586.rpm
59954 228668202114f9c7d100a80d8ac2dd8e
postgresql-python-7.2.2-10.i586.rpm
67609 c02b5b5ee8880e0d5f7d8b54b2718391
postgresql-server-7.2.2-10.i586.rpm
1393047 3f3cbf468073aa196120aaaa8e3406b1
postgresql-tcl-7.2.2-10.i586.rpm
51035 29d2f93769957e4c7a8367da157630e9
postgresql-test-7.2.2-10.i586.rpm
864031 6ec443b6a368f41bc4f5748ac83330f9
postgresql-tk-7.2.2-10.i586.rpm
424709 f770f6605a1cf4ceb1ea5d90314b4fba

<Turbolinux 7 Server>

Source Packages
Size: MD5

postgresql-7.2.2-10.src.rpm
9631536 eb52d5c6b6741764977db8c9dd6fea54

Binary Packages
Size: MD5

postgresql-7.2.2-10.i586.rpm
1067800 c6f782f107fc7c89e7a08b25e9c1db10
postgresql-contrib-7.2.2-10.i586.rpm
979697 de7ee22e84cc386dc8bd74b2d1d9443a
postgresql-devel-7.2.2-10.i586.rpm
570132 9e535676b72541f772d991cfe701cf1c
postgresql-docs-7.2.2-10.i586.rpm
947474 c118f57ea7258f662bdc2ebe26ff69e4
postgresql-jdbc-7.2.2-10.i586.rpm
378899 3e8795d2df8a1110209e1f045c5d95ce
postgresql-libs-7.2.2-10.i586.rpm
86656 85f0b423e52ce1ef397e96be49e1262b
postgresql-odbc-7.2.2-10.i586.rpm
107779 dded3165c8a33872db0b552dfe3e262f
postgresql-perl-7.2.2-10.i586.rpm
87689 fbb55c775e2041463e1e5673de99a5f5
postgresql-python-7.2.2-10.i586.rpm
66730 fe60862c571dea83bcfe1c2924993938
postgresql-server-7.2.2-10.i586.rpm
1368949 6fdf8d2798fae5da3a5e59a711ec86e0
postgresql-tcl-7.2.2-10.i586.rpm
51373 a27f83aca091afe00d1380ef7ac6f801
postgresql-test-7.2.2-10.i586.rpm
863693 c0e9586245ab578f37d150880475926b
postgresql-tk-7.2.2-10.i586.rpm
424756 6615027ebcd1663a16df463dda89f7c8


References:

CVE
[CAN-2006-2313]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2313
[CAN-2006-2314]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2314

--------------------------------------------------------------------------
Revision History
06 Jul 2006 Initial release
19 Jul 2006 Added Turbolinux Appliance Server 2.0, Turbolinux 10 Server x64
Edition
Turbolinux 10 Server, Turbolinux 10 Desktop
--------------------------------------------------------------------------

Copyright(C) 2006 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFEveviK0LzjOqIJMwRAieEAJ9KL6+c8EgQyABiwf6ZfTmwIwbLcQCgrGd+
otOTEEMTXr+SygnQtmf8Wss=
=1jBC
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung