Monday, October 18, 2010

New postgresql-8.3 packages: fix privilege escalation

Users of postgresql-8.3 please be advised of a New packages fix privilege escalation vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
DSA 2120-1: [DSA 2120-1] New postgresql-8.3 packages fix privilege escalation
Vulnerability : privilege escalation
Tim Bunce discovered that PostgreSQL, a database server software, does

not properly separate interpreters for server-side stored procedures

which run in different security contexts. As a result, non-privileged

authenticated database users might gain additional privileges.
Read more at www.criticalwatch.com
 

No comments:

Post a Comment