CVE-2007-6067
postgresql: tempory DoS caused by slow regex NFA cleanup
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
Vulnerabilidad de complejidad algorítmica en el analizador de la expresión regular en TCL en versiones anteriores a 8.4.17, tal como se utiliza en PostgreSQL 8.2 en versiones anteriores a 8.2.6, 8.1 en versiones anteriores a 8.1.11, 8.0 en versiones anteriores a 8.0.15 y 7.4 en versiones anteriores a 7.4.19, permite a usuarios remotos autenticados provocar una denegación de servicio (consumo de memoria) a través de una expresión regular "compleja" manipulada con estados doblemente anidados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-11-21 CVE Reserved
- 2008-01-09 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-10-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
CAPEC
References (42)
URL | Date | SRC |
---|---|---|
http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894 | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://www.securityfocus.com/bid/27163 | 2018-10-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3 Search vendor "Postgresql" for product "Postgresql" and version "7.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.1 Search vendor "Postgresql" for product "Postgresql" and version "7.3.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.2 Search vendor "Postgresql" for product "Postgresql" and version "7.3.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.3 Search vendor "Postgresql" for product "Postgresql" and version "7.3.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.4 Search vendor "Postgresql" for product "Postgresql" and version "7.3.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.6 Search vendor "Postgresql" for product "Postgresql" and version "7.3.6" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.8 Search vendor "Postgresql" for product "Postgresql" and version "7.3.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.9 Search vendor "Postgresql" for product "Postgresql" and version "7.3.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.10 Search vendor "Postgresql" for product "Postgresql" and version "7.3.10" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.11 Search vendor "Postgresql" for product "Postgresql" and version "7.3.11" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.12 Search vendor "Postgresql" for product "Postgresql" and version "7.3.12" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.13 Search vendor "Postgresql" for product "Postgresql" and version "7.3.13" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.14 Search vendor "Postgresql" for product "Postgresql" and version "7.3.14" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.15 Search vendor "Postgresql" for product "Postgresql" and version "7.3.15" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.16 Search vendor "Postgresql" for product "Postgresql" and version "7.3.16" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.19 Search vendor "Postgresql" for product "Postgresql" and version "7.3.19" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4 Search vendor "Postgresql" for product "Postgresql" and version "7.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.1 Search vendor "Postgresql" for product "Postgresql" and version "7.4.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.2 Search vendor "Postgresql" for product "Postgresql" and version "7.4.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.3 Search vendor "Postgresql" for product "Postgresql" and version "7.4.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.4 Search vendor "Postgresql" for product "Postgresql" and version "7.4.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.5 Search vendor "Postgresql" for product "Postgresql" and version "7.4.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.6 Search vendor "Postgresql" for product "Postgresql" and version "7.4.6" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.7 Search vendor "Postgresql" for product "Postgresql" and version "7.4.7" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.8 Search vendor "Postgresql" for product "Postgresql" and version "7.4.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.9 Search vendor "Postgresql" for product "Postgresql" and version "7.4.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.10 Search vendor "Postgresql" for product "Postgresql" and version "7.4.10" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.11 Search vendor "Postgresql" for product "Postgresql" and version "7.4.11" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.12 Search vendor "Postgresql" for product "Postgresql" and version "7.4.12" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.13 Search vendor "Postgresql" for product "Postgresql" and version "7.4.13" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.14 Search vendor "Postgresql" for product "Postgresql" and version "7.4.14" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.16 Search vendor "Postgresql" for product "Postgresql" and version "7.4.16" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.17 Search vendor "Postgresql" for product "Postgresql" and version "7.4.17" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0 Search vendor "Postgresql" for product "Postgresql" and version "8.0" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.1 Search vendor "Postgresql" for product "Postgresql" and version "8.0.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.2 Search vendor "Postgresql" for product "Postgresql" and version "8.0.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.3 Search vendor "Postgresql" for product "Postgresql" and version "8.0.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.4 Search vendor "Postgresql" for product "Postgresql" and version "8.0.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.5 Search vendor "Postgresql" for product "Postgresql" and version "8.0.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.7 Search vendor "Postgresql" for product "Postgresql" and version "8.0.7" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.8 Search vendor "Postgresql" for product "Postgresql" and version "8.0.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.9 Search vendor "Postgresql" for product "Postgresql" and version "8.0.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.11 Search vendor "Postgresql" for product "Postgresql" and version "8.0.11" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.13 Search vendor "Postgresql" for product "Postgresql" and version "8.0.13" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.317 Search vendor "Postgresql" for product "Postgresql" and version "8.0.317" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.1 Search vendor "Postgresql" for product "Postgresql" and version "8.1.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.3 Search vendor "Postgresql" for product "Postgresql" and version "8.1.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.4 Search vendor "Postgresql" for product "Postgresql" and version "8.1.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.5 Search vendor "Postgresql" for product "Postgresql" and version "8.1.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.7 Search vendor "Postgresql" for product "Postgresql" and version "8.1.7" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.8 Search vendor "Postgresql" for product "Postgresql" and version "8.1.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.9 Search vendor "Postgresql" for product "Postgresql" and version "8.1.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.3 Search vendor "Postgresql" for product "Postgresql" and version "8.2.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.4 Search vendor "Postgresql" for product "Postgresql" and version "8.2.4" | - |
Affected
| ||||||
Tcl Tk Search vendor "Tcl Tk" | Tcl Tk Search vendor "Tcl Tk" for product "Tcl Tk" | <= 8.4.16 Search vendor "Tcl Tk" for product "Tcl Tk" and version " <= 8.4.16" | - |
Affected
|