PostgreSQL PL/Perl And PL/Tcl Local Privilege Escalation Vulnerability Network Vulnerability

Summary

PostgreSQL is prone to a local privilege-escalation vulnerability. Exploiting this issue allows local attackers to gain elevated privileges and execute arbitrary commands with the privileges of the victim. Versions prior to PostgreSQL 9.0.1 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://www.postgresql.org
http://www.postgresql.org/docs/9.0/static/release-9-0-1.html
http://www.postgresql.org/support/security
https://www.securityfocus.com/bid/43747

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3433
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

IBM DB2 db2pd Denial Of Service Vulnerability (Win)
Oracle MySQL Multiple Unspecified vulnerabilities - 03 Jan14 (Windows)
MySQL 'Gis_line_string::init_from_wkb()' DOS Vulnerability
Sybase ASA Ping
MySQL Unspecified vulnerability-04 July-2013 (Windows)

PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability

Take action and discover your vulnerabilities