NI3
11-08-2003, 10:26 AM
Test ID: 11916
Category: Gain a shell remotely
Title: PostgreSQL to_ascii() overflow
Summary: Attempts to log into the remote PostgreSQL daemon
Description:
The remote PostgreSQL server, according to its version number,
is vulnerable to a buffer overflow in the to_ascii() function,
which may allow an attacker who has the rights to query the remote
database to obtain a shell on this host.
Solution : Upgrade to postgresql 7.3.4 or newer
Risk factor : High
Copyright: This script is Copyright (C) 2003 Renaud Deraison
Cross-Ref: BugTraq ID: 8741
Category: Gain a shell remotely
Title: PostgreSQL to_ascii() overflow
Summary: Attempts to log into the remote PostgreSQL daemon
Description:
The remote PostgreSQL server, according to its version number,
is vulnerable to a buffer overflow in the to_ascii() function,
which may allow an attacker who has the rights to query the remote
database to obtain a shell on this host.
Solution : Upgrade to postgresql 7.3.4 or newer
Risk factor : High
Copyright: This script is Copyright (C) 2003 Renaud Deraison
Cross-Ref: BugTraq ID: 8741