Red Hat Security Advisory 2012-0677-01

Diskutiere Red Hat Security Advisory 2012-0677-01 im Security News Forum im Bereich Security Talk; Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted...

  1. #1 newsbot, 22.05.2012
    newsbot

    newsbot Foren Gott

    Dabei seit:
    26.11.2007
    Beiträge:
    9.920
    Zustimmungen:
    1
    Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

    Weiterlesen...
     
Thema:

Red Hat Security Advisory 2012-0677-01

Die Seite wird geladen...

Red Hat Security Advisory 2012-0677-01 - Ähnliche Themen

  1. Debian Security Advisory 2603-1

    Debian Security Advisory 2603-1: Debian Linux Security Advisory 2603-1 - Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if...
  2. Debian Security Advisory 2604-1

    Debian Security Advisory 2604-1: Debian Linux Security Advisory 2604-1 - It was discovered that Rails, the Ruby web application development framework, performed insufficient...
  3. Red Hat Security Advisory 2013-0150-01

    Red Hat Security Advisory 2013-0150-01: Red Hat Security Advisory 2013-0150-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes...
  4. Mandriva Linux Security Advisory 2013-002

    Mandriva Linux Security Advisory 2013-002: Mandriva Linux Security Advisory 2013-002 - Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had...
  5. Mandriva Linux Security Advisory 2013-003

    Mandriva Linux Security Advisory 2013-003: Mandriva Linux Security Advisory 2013-003 - Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had...