Recent Posts
- SnortReport nmap.php target Parameter Arbitrary Command Execution
- Privacy in iTunes Ping
- Mandriva: 2010:170: wget
- New Bento 3 Project Manager
- Gentoo: 201009-01: wxGTK: User-assisted execution of arbitrary code
Categories
- Apple Security Updates
- CVE Vulnerabilities
- Debian Advisories
- Fedora Advisories
- Foresight Advisories
- FreeBSD Advisories
- Gentoo Advisories
- Linux Vulnerabilities
- Mandriva Advisories
- Microsoft Security Response Center
- Microsoft Vulnerabilities
- Nessus Plugin Updates
- Product Updates
- Red Hat Advisories
- Slackware Advisories
- Suse Advisories
- Ubuntu Advisories
USN876-1 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities
Synopsis : These remote packages are missing security patches : – libecpg-compat2 – libecpg-compat3 – libecpg-dev – libecpg5 – libecpg6 – libpgtypes2 – libpgtypes3 – libpq-dev – libpq4 – libpq5 – postgresql – postgresql-8.1 – postgresql-8.3 – postgresql-8.4 – postgresql-client – postgresql-client-8.1 – postgresql-client-8.3 – postgresql-client-8.4 – postgresql-contrib – postgresql-contrib-8.1 – postgresql-contrib-8.3 – postgresql-contrib-8.4 – postgresql-doc – postgresql-doc-8.1 – postgresql-d Description : It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-4034) It was discovered that PostgreSQL did not properly manage session-local state
Continue reading here:
USN876-1 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities
Leave a Comment