[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Postgres buffer overflow in stable .

Jean-Francois Dive <jef@debian.org> writes:

> The bug 155419 opened 37 days old point to a serious security issue
> with postgres as i can lead to DOS from local users

You can't get rid of the authenticated user DoS easily, see 160673.
This requires the ability to execute arbitrary SQL statements, though,
so the path to attack is rather narrow.

Florian Weimer 	                  Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

Reply to: