PT-2006-6255 · Postgresql+1 · Postgresql+1

Published

2006-10-26

Updated

2017-10-11

CVE-2006-5540

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 8.1.x through 8.1.4

Description The issue allows remote authenticated users to cause a denial of service, resulting in a daemon crash. This occurs when certain aggregate functions in an UPDATE statement are not properly handled during a "MIN/MAX index optimization." A valid login is required to exploit this issue.

Recommendations For PostgreSQL versions 8.1.x through 8.1.4, update to version 8.1.5 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5540

RHSA-2007:0064

RHSA-2007:0067

RHSA-2007:0068

RHSA-2007_0064

RHSA-2007_0068

Affected Products

Postgresql

Red Hat

PT-2006-6255 · Postgresql+1 · Postgresql+1

CVE-2006-5540

Related Identifiers

Affected Products

References · 38