Red Hat Security Advisory 2012-0677-01

newsbot

newsbot

RSS Feed
Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

Weiterlesen...
 

Ähnliche Themen

Zugriff Ubuntu 16.04. auf Freigabe 18.04. LTS nicht möglich

Red Hat Security Advisory 2012-0678-01

Red Hat Security Advisory 2012-1462-01

Red Hat Security Advisory 2012-1551-01

Red Hat Security Advisory 2013-0154-01

Zurück
Oben