PT-2006-6257 · Postgresql+1 · Postgresql+1

Sergey Koposov

Published

2006-10-26

Updated

2017-10-11

CVE-2006-5542

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 8.1.x through 8.1.4

Description The issue is related to duration logging of V3-protocol Execute messages for SQL statements, specifically COMMIT and ROLLBACK. A bug in the logging of V3 protocol messages can cause a denial of service. A valid login is required to exploit this issue.

Recommendations For PostgreSQL versions 8.1.x through 8.1.4, update to version 8.1.5 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5542

RHSA-2007:0067

RHSA-2007:0068

RHSA-2007_0068

Affected Products

Postgresql

Red Hat

PT-2006-6257 · Postgresql+1 · Postgresql+1

CVE-2006-5542

Related Identifiers

Affected Products

References · 33