Immunix Secured OS 7+ PostgreSQL update

From: WireX Security (securityat_private)
Date: Wed Apr 09 2003 - 21:35:25 PDT


    -----------------------------------------------------------------------
    	Immunix Secured OS Security Advisory
    
    Packages updated:	postgresql
    Affected products:	Immunix 7.0, 7+
    Bugs fixed:		CAN-2002-0972
    			CAN-2002-1397
    			CAN-2002-1398
    			CAN-2002-1400
    			CAN-2002-1401
    			CAN-2002-1402
    Date:			Tue Apr  8 2003
    Advisory ID:		IMNX-2003-7+-005-01
    Author:			Alan Olsen <alanat_private>
    -----------------------------------------------------------------------
    
    Description:
      Multiple vulnerabilities have been discovered in PostgreSQL.
    
      CAN-2002-0972
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0972
      Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of 
      service and possibly execute arbitrary code via long arguments to the 
      functions (1) lpad or (2) rpad.
    
      CAN-2002-1397
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1397
      Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier 
      allows local users to cause a denial of service and possibly execute 
      arbitrary code via a large negative argument, possibly triggering an 
      integer signedness error or buffer overflow.
    
      CAN-2002-1398
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1398
      Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows 
      attackers to cause a denial of service and possibly execute arbitrary code 
      via a long date string, aka a vulnerability "in handling long datetime 
      input."
    
      CAN-2002-1400
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1400
      Heap-based buffer overflow in the repeat() function for PostgreSQL before 
      7.2.2 allows attackers to execute arbitrary code by causing repeat() to 
      generate a large string.
    
      CAN-2002-1401
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1401
      Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add 
      (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and 
      earlier allow attackers to cause a denial of service and possibly execute 
      arbitrary code, possibly as a result of an integer overflow.
    
      CAN-2002-1402
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1402
      Buffer overflows in the (1) TZ and (2) SET TIME ZONE environment variables 
      for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of 
      service and possibly execute arbitrary code.
    
    Package names and locations:
      Precompiled binary packages for Immunix 7+ are available at:
    
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-devel-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-jdbc-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-odbc-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-perl-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-python-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-server-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-tcl-7.0.2-18.2_imnx_1.i386.rpm
      http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/postgresql-tk-7.0.2-18.2_imnx_1.i386.rpm  
    
    Immunix OS 7+ md5sums:
    
      93baa0d9c42efabf50eacc52b4842977  postgresql-7.0.2-18.2_imnx_1.i386.rpm
      f3932ce27a695a5e5568b927994dc8be  postgresql-devel-7.0.2-18.2_imnx_1.i386.rpm
      1c21fa51b3e24242bc5c9651fb8e1805  postgresql-jdbc-7.0.2-18.2_imnx_1.i386.rpm
      8cc120126c031b47068ae2d6d673976c  postgresql-odbc-7.0.2-18.2_imnx_1.i386.rpm
      6e12763d405762a6874f0ff2f2a03154  postgresql-perl-7.0.2-18.2_imnx_1.i386.rpm
      a8504feff58d0c0adb771e5cce733302  postgresql-python-7.0.2-18.2_imnx_1.i386.rpm
      ecd038e70c31a72bbfd682d6ae172a01  postgresql-server-7.0.2-18.2_imnx_1.i386.rpm
      600f102d0bd36e876b05e65e2b2398e8  postgresql-tcl-7.0.2-18.2_imnx_1.i386.rpm
      f59244858a7992beead0ce789985a0f7  postgresql-tk-7.0.2-18.2_imnx_1.i386.rpm
    
    GPG verification:                                                               
      Our public key is available at <http://wirex.com/security/GPG_KEY>.           
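To gate installation on the published checksums, an added example (not part of the advisory or of Immunix's tooling) that parses the md5sum list above in its own "HASH  FILENAME" layout and checks each downloaded RPM against it; the `ok`/`MISMATCH`/`missing` statuses and the `read_file` callback are this example's conventions, and the download directory is taken from the command line.

```python
import hashlib, os, sys

# The checksum list as published in the advisory above ("HASH  FILENAME" per line).
ADVISORY_MD5SUMS = """
93baa0d9c42efabf50eacc52b4842977  postgresql-7.0.2-18.2_imnx_1.i386.rpm
f3932ce27a695a5e5568b927994dc8be  postgresql-devel-7.0.2-18.2_imnx_1.i386.rpm
1c21fa51b3e24242bc5c9651fb8e1805  postgresql-jdbc-7.0.2-18.2_imnx_1.i386.rpm
8cc120126c031b47068ae2d6d673976c  postgresql-odbc-7.0.2-18.2_imnx_1.i386.rpm
6e12763d405762a6874f0ff2f2a03154  postgresql-perl-7.0.2-18.2_imnx_1.i386.rpm
a8504feff58d0c0adb771e5cce733302  postgresql-python-7.0.2-18.2_imnx_1.i386.rpm
ecd038e70c31a72bbfd682d6ae172a01  postgresql-server-7.0.2-18.2_imnx_1.i386.rpm
600f102d0bd36e876b05e65e2b2398e8  postgresql-tcl-7.0.2-18.2_imnx_1.i386.rpm
f59244858a7992beead0ce789985a0f7  postgresql-tk-7.0.2-18.2_imnx_1.i386.rpm
"""

def parse_md5sums(text):
    """Parse 'HASH  FILENAME' lines into {filename: hash}; blank lines are skipped."""
    sums = {}
    for line in text.splitlines():
        if line.strip():
            digest, name = line.split(None, 1)
            if len(digest) != 32 or not all(c in "0123456789abcdef" for c in digest.lower()):
                raise ValueError(f"malformed md5 line: {line!r}")
            sums[name.strip()] = digest.lower()
    return sums

def md5_hex(data):
    return hashlib.md5(data).hexdigest()

def verify_packages(sums, read_file):
    """Map every listed package to 'ok', 'MISMATCH' or 'missing'; read_file(name) -> bytes or None."""
    results = {}
    for name, expected in sums.items():
        data = read_file(name)
        if data is None:
            results[name] = "missing"
        else:
            results[name] = "ok" if md5_hex(data) == expected else "MISMATCH"
    return results

if __name__ == "__main__":
    where = sys.argv[1] if len(sys.argv) > 1 else "."   # directory the RPMs were downloaded to
    def from_dir(name):
        path = os.path.join(where, os.path.basename(name))
        return open(path, "rb").read() if os.path.isfile(path) else None
    results = verify_packages(parse_md5sums(ADVISORY_MD5SUMS), from_dir)
    for name, status in results.items():
        print(f"{status:8s} {name}")
    sys.exit(0 if all(s == "ok" for s in results.values()) else 1)  # gate the rpm install on this
```

A matching md5sum only shows the file is the one the advisory lists; the GPG key referenced above is what authenticates the packages, so check the signatures as well before installing.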
    
    NOTE:
      Ibiblio is graciously mirroring our updates, so if the links above are
      slow, please try:
        ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
      or one of the many mirrors available at:
        http://www.ibiblio.org/pub/Linux/MIRRORS.html
    
      ImmunixOS 6.2 is no longer officially supported.
      ImmunixOS 7.0 is no longer officially supported.
    
    Contact information:
      To report vulnerabilities, please contact securityat_private. WireX 
      attempts to conform to the RFP vulnerability disclosure protocol
      <http://www.wiretrip.net/rfp/policy.html>.