LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Syndicated Linux News (https://www.linuxquestions.org/questions/syndicated-linux-news-67/)
-   -   LXer: Postgresql Privilege Escalation and Denial of Service ... (https://www.linuxquestions.org/questions/syndicated-linux-news-67/lxer-postgresql-privilege-escalation-and-denial-of-service-415988/)

LXer 02-16-2006 02:01 AM
LXer: Postgresql Privilege Escalation and Denial of Service ...
 
Published at LXer:

Two vulnerabilities were identified in PostgreSQL, which could be exploited by malicious users to cause a denial of service or obtain elevated privileges. The first flaw is due to an error in the "SET ROLE" command when restoring the previous role setting after an error, which could be exploited by malicious authenticated users to gain superuser privileges. The second issue is due to an error in the "SET SESSION AUTHORIZATION" command when the application has been compiled with Asserts enabled, which could be exploited by malicious users to cause a denial of service.

Read More...


All times are GMT -5. The time now is 09:34 AM.