CVE-2005-0244

Published: May 2, 2005Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.

Affected (27)

Products: Postgresql: Postgresql

1 product

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Postgresql Postgresql	Version 7.2.1
Postgresql Postgresql	Version 7.2.2
Postgresql Postgresql	Version 7.2.3
Postgresql Postgresql	Version 7.2.4
Postgresql Postgresql	Version 7.2.5
Postgresql Postgresql	Version 7.2.6
Postgresql Postgresql	Version 7.2.7
Postgresql Postgresql	Version 7.2
Postgresql Postgresql	Version 7.3.1
Postgresql Postgresql	Version 7.3.2
Postgresql Postgresql	Version 7.3.3
Postgresql Postgresql	Version 7.3.4
Postgresql Postgresql	Version 7.3.5
Postgresql Postgresql	Version 7.3.6
Postgresql Postgresql	Version 7.3.7
Postgresql Postgresql	Version 7.3.8
Postgresql Postgresql	Version 7.3.9
Postgresql Postgresql	Version 7.3
Postgresql Postgresql	Version 7.4.1
Postgresql Postgresql	Version 7.4.2
Postgresql Postgresql	Version 7.4.3
Postgresql Postgresql	Version 7.4.4
Postgresql Postgresql	Version 7.4.5
Postgresql Postgresql	Version 7.4.6
Postgresql Postgresql	Version 7.4.7
Postgresql Postgresql	Version 7.4
Postgresql Postgresql	Version 8.0.0

Related CWEs

References (18)

http://archives.postgresql.org/pgsql-hackers/2005-01/msg00922.php

Source: secalert@redhat.com

Vendor Advisory

http://marc.info/?l=bugtraq&m=110806034116082&w=2

Source: secalert@redhat.com

http://secunia.com/advisories/12948

Source: secalert@redhat.com

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:040

Source: secalert@redhat.com

http://www.novell.com/linux/security/advisories/2005_36_sudo.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-138.html

Source: secalert@redhat.com

PatchVendor Advisory

http://www.securityfocus.com/bid/12417

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/19184

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10927

Source: secalert@redhat.com

http://archives.postgresql.org/pgsql-hackers/2005-01/msg00922.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://marc.info/?l=bugtraq&m=110806034116082&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12948

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:040

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_36_sudo.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-138.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/12417

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/19184

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10927

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.