PT-2002-1021 · Postgresql+1 · Ecpg+2

Published: 2002-09-24 · Updated: 2016-10-18 · CVE-2002-1402

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PostgreSQL versions 7.2.1 and earlier
ecpg (affected versions not specified)

Description

The issue concerns multiple vulnerabilities in the ecpg package of Debian GNU/Linux and buffer overflows in PostgreSQL. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Specifically, buffer overflows in the TZ and SET TIME ZONE environment variables can cause a denial of service and possibly allow the execution of arbitrary code.

Recommendations

For PostgreSQL versions 7.2.1 and earlier: update to a version later than 7.2.1 to resolve the buffer overflow issues in the TZ and SET TIME ZONE environment variables.
For ecpg: at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2015-03115
CVE-2002-1402
DSA-165

Affected Products

Debian
Postgresql
Ecpg