New Search

PostgreSQL 8.1 and probably later versions when local trust authentication is enabled and the Database Link library (dblink) is installed allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.

oval:org.mitre.oval:def:10334

PostgreSQL 8.1 and probably later versions when local trust authentication is enabled and the Database Link library (dblink) is installed allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 4
  • Oracle Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • CentOS Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-3278
Product(s):