Debian Security Advisory DSA 397-1 (postgresql) Network Vulnerability

Summary

The remote host is missing an update to postgresql announced via advisory DSA 397-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20397-1

Insight

Tom Lane discovered a buffer overflow in the to_ascii function in PostgreSQL. This allows remote attackers to execute arbitrary code on the host running the database. For the stable distribution (woody) this problem has been fixed in version 7.2.1-2woody4. The unstable distribution (sid) does not contain this problem. We recommend that you upgrade your postgresql package.

Severity

Classification

CVE CVE-2003-0901

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 060-1 (fetchmail)
Debian Security Advisory DSA 070-1 (netkit-telnet)
Debian Security Advisory DSA 034-1 (ePerl)
Debian Security Advisory DSA 1037-1 (zgv)
Debian Security Advisory DSA 1017-1 (kernel-source-2.6.8)

Take action and discover your vulnerabilities