Launchpad.net

CVE 2007-6601

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.

Related bugs and status

CVE-2007-6601 (Candidate) is related to these bugs:

Bug #181720: [postgresql] multiple vulnerabilities

		In	Importance	Status
181720	[postgresql] multiple vulnerabilities	postgresql (Ubuntu)	High	Fix Released
181720	[postgresql] multiple vulnerabilities	postgresql (Ubuntu Dapper)	Undecided	Fix Released
181720	[postgresql] multiple vulnerabilities	postgresql (Ubuntu Edgy)	Undecided	Fix Released
181720	[postgresql] multiple vulnerabilities	postgresql (Ubuntu Feisty)	Undecided	Fix Released
181720	[postgresql] multiple vulnerabilities	postgresql (Ubuntu Gutsy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.postgresql....
MANDRIVA: MDVSA-2008:004
BID: 27163
SECTRACK: 1019157
SECUNIA: 28359
DEBIAN: DSA-1460
FEDORA: FEDORA-2008-0478
FEDORA: FEDORA-2008-0552
REDHAT: RHSA-2008:0038
REDHAT: RHSA-2008:0039
SUNALERT: 103197
SECUNIA: 28376
SECUNIA: 28438
SECUNIA: 28445
SECUNIA: 28437
SECUNIA: 28454
SECUNIA: 28464
CONFIRM: https://issues.rpath.c...
DEBIAN: DSA-1463
SECUNIA: 28477
SECUNIA: 28479
SECUNIA: 28455
GENTOO: GLSA-200801-15
SECUNIA: 28679
SUSE: SUSE-SA:2008:005
SECUNIA: 28698
REDHAT: RHSA-2008:0040
SUNALERT: 200559
HP: HPSBTU02325
HP: SSRT080006
SECUNIA: 29638
VUPEN: ADV-2008-0061
VUPEN: ADV-2008-0109
VUPEN: ADV-2008-1071
XF: postgresql-dblink-priv...
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-568-1
BUGTRAQ: 20080107 PostgreSQL 20...
BUGTRAQ: 20080115 rPSA-2008-001...