Here's yet another. He claims malicious code can be run on the server with this one.
Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] http://www.pop4.net 56K Nationwide Dialup from $16.00/mo at Pop4 Networking http://www.camping-usa.com http://www.cloudninegifts.com http://www.meanstreamradio.com http://www.unknown-artists.com ========================================================================== ---------- Forwarded message ---------- Date: Tue, 20 Aug 2002 14:28:49 +0000 From: Sir Mordred The Traitor <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL //@(#)Mordred Labs advisory 0x0003 Release data: 20/08/02 Name: Buffer overflow in PostgreSQL Versions affected: all versions Risk: high --[ Description: ...PostgreSQL is a sophisticated Object-Relational DBMS, supporting almost all SQL constructs, including subselects, transactions, and user-defined types and functions. It is the most advanced open-source database available anywhere...blah...blah... For more info check out this link: http://www.postgresql.org/idocs/index.php?preface.html#INTRO-WHATIS There exists a heap buffer overflow in a repeat(text, integer) function, which allows an attacker to execute malicious code. --[ Details: Upon invoking a repeat() function, a src/backend/utils/adt/oracle_compat.c::repeat() function will gets called which suffers from a buffer overflow. --[ How to reproduce: psql> select repeat('xxx',1431655765); pqReadData() -- backend closed the channel unexpectedly. This probably means the backend terminated abnormally before or while processing the request. The connection to the server was lost. Attempting reset: Failed. --[ Solution Do you still running postgresql? ...Can't believe that... If so, execute the following command as a root: "killall -9 postmaster", and wait until the patch will be available. ________________________________________________________________________ This letter has been delivered unencrypted. We'd like to remind you that the full protection of e-mail correspondence is provided by S-mail encryption mechanisms if only both, Sender and Recipient use S-mail. Register at S-mail.com: http://www.s-mail.com/inf/en ---------------------------(end of broadcast)--------------------------- TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
