// For flags

CVE-2007-0555

Ubuntu Security Notice 417-1

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.

PostgreSQL 7.3 anterior a 7.3.13, 7.4 anterior a 7.4.16, 8.0 anterior a 8.0.11, 8.1 anterior a 8.1.7, y 8.2 anterior a 8.2.2 permite a los atacantes desactivar determinadas comprobaciones de los tipos de datos de los argumentos de funciones SQL, lo cual permite a usuarios autenticados remotamente provocar una denegación de servicio (caída del servidor) y posiblemente acceder a contenido de la base de datos.

Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this. As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploited to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Complete
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-29 CVE Reserved
  • 2007-02-06 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (42)
URL Tag Source
http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html Broken Link
http://osvdb.org/33087 Broken Link
http://secunia.com/advisories/24028 Broken Link
http://secunia.com/advisories/24033 Broken Link
http://secunia.com/advisories/24042 Broken Link
http://secunia.com/advisories/24050 Broken Link
http://secunia.com/advisories/24057 Broken Link
http://secunia.com/advisories/24094 Broken Link
http://secunia.com/advisories/24151 Broken Link
http://secunia.com/advisories/24158 Broken Link
http://secunia.com/advisories/24284 Broken Link
http://secunia.com/advisories/24315 Broken Link
http://secunia.com/advisories/24513 Broken Link
http://secunia.com/advisories/24577 Broken Link
http://secunia.com/advisories/25220 Broken Link
http://securitytracker.com/id?1017597 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm Third Party Advisory
http://www.securityfocus.com/archive/1/459280/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/459448/100/0/threaded Mailing List
http://www.securityfocus.com/bid/22387 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0478 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0774 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32195 Third Party Advisory
https://issues.rpath.com/browse/RPL-1025 Broken Link
https://issues.rpath.com/browse/RPL-830 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739 Signature
URL Date SRC
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc 2023-01-19
http://fedoranews.org/cms/node/2554 2023-01-19
http://security.gentoo.org/glsa/glsa-200703-15.xml 2023-01-19
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1 2023-01-19
http://www.debian.org/security/2007/dsa-1261 2023-01-19
http://www.mandriva.com/security/advisories?name=MDKSA-2007:037 2023-01-19
http://www.novell.com/linux/security/advisories/2007_10_sr.html 2023-01-19
http://www.postgresql.org/support/security 2023-01-19
http://www.redhat.com/support/errata/RHSA-2007-0064.html 2023-01-19
http://www.redhat.com/support/errata/RHSA-2007-0067.html 2023-01-19
http://www.redhat.com/support/errata/RHSA-2007-0068.html 2023-01-19
http://www.trustix.org/errata/2007/0007 2023-01-19
http://www.ubuntu.com/usn/usn-417-2 2023-01-19
https://usn.ubuntu.com/417-1 2023-01-19
https://access.redhat.com/security/cve/CVE-2007-0555 2007-03-14
https://bugzilla.redhat.com/show_bug.cgi?id=1618367 2007-03-14
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Postgresql
Search vendor "Postgresql"
 Postgresql
Search vendor "Postgresql" for product "Postgresql"
 >= 7.3 < 7.3.18
Search vendor "Postgresql" for product "Postgresql" and version " >= 7.3 < 7.3.18"
-
Affected
Postgresql
Search vendor "Postgresql"
 Postgresql
Search vendor "Postgresql" for product "Postgresql"
 >= 7.4 < 7.4.16
Search vendor "Postgresql" for product "Postgresql" and version " >= 7.4 < 7.4.16"
-
Affected
Postgresql
Search vendor "Postgresql"
 Postgresql
Search vendor "Postgresql" for product "Postgresql"
 >= 8.0 < 8.0.11
Search vendor "Postgresql" for product "Postgresql" and version " >= 8.0 < 8.0.11"
-
Affected
Postgresql
Search vendor "Postgresql"
 Postgresql
Search vendor "Postgresql" for product "Postgresql"
 >= 8.1 < 8.1.7
Search vendor "Postgresql" for product "Postgresql" and version " >= 8.1 < 8.1.7"
-
Affected
Postgresql
Search vendor "Postgresql"
 Postgresql
Search vendor "Postgresql" for product "Postgresql"
 >= 8.2 < 8.2.2
Search vendor "Postgresql" for product "Postgresql" and version " >= 8.2 < 8.2.2"
-
Affected