USN-71-1: PostgreSQL vulnerability
Publication date
1 February 2005
Overview
PostgreSQL vulnerability
Releases
Details
John Heasman discovered a local privilege escalation in the PostgreSQL
server. Any user could use the LOAD extension to load any shared
library into the PostgreSQL server; the library's initialisation
function was then executed with the permissions of the server.
Now the use of LOAD is restricted to the database superuser (usually
'postgres').
Note: Since there is no way for normal database users to create
arbitrary files, this vulnerability is not exploitable remotely, e. g.
by uploading a shared library in the form of a Binary Large Object
(BLOB) to a public web server.
John Heasman discovered a local privilege escalation in the PostgreSQL
server. Any user could use the LOAD extension to load any shared
library into the PostgreSQL server; the library's initialisation
function was then executed with the permissions of the server.
Now the use of LOAD is restricted to the database superuser (usually
'postgres').
Note: Since there is no way for normal database users to create
arbitrary files, this vulnerability is not exploitable remotely, e. g.
by uploading a shared library in the form of a Binary Large Object
(BLOB) to a public web server.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 4.10 warty | postgresql – | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.