Summary
The remote host is missing an update to postgresql announced via advisory DSA 1261-1.
It was discovered that the PostgreSQL database performs insufficient type checking for SQL function arguments, which might lead to denial of service or information disclosure.
Solution
For the stable distribution (sarge) this problem has been fixed in version 7.4.7-6sarge4.
For the upcoming stable distribution (etch) this problem has been fixed in version 8.1.7-1 of the postgresql-8.1 package.
For the unstable distribution (sid) this problem has been fixed in version 8.1.7-1 of the postgresql-8.1 package.
We recommend that you upgrade your PostgreSQL packages.
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201261-1
Severity
Classification
-
CVE CVE-2007-0555 -
CVSS Base Score: 8.5
AV:N/AC:L/Au:S/C:C/I:N/A:C
Related Vulnerabilities