Vulnerability Note VU#567452
PostgreSQL database privilege escalation vulnerability
PostgreSQL fails to properly recover from errors. This may allow an authenticated attacker to gain elevated privileges on a PostgreSQL database.
PostgreSQL is an open source database management system.
This issue only exists in PostgreSQL versions 8.1.0 to 8.1.2. An attacker must have valid credentials to exploit this vulnerability.
An authenticated attacker may be able to gain elevated privileges on a PostgreSQL database.
This issue has been corrected in PostgreSQL version 8.1.3.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|PostgreSQL||Affected||-||27 Feb 2006|
|Red Hat, Inc.||Unknown||-||17 May 2006|
CVSS Metrics (Learn More)
This issue was reported in the release notes for PostgreSQL 8.1.3. PostgreSQL credits Akio Ishida with providing information regarding this issue.
This document was written by Jeff Gennari.
- CVE IDs: CVE-2006-0553
- Date Public: 14 Feb 2006
- Date First Published: 27 Feb 2006
- Date Last Updated: 17 May 2006
- Severity Metric: 2.55
- Document Revision: 17
If you have feedback, comments, or additional information about this vulnerability, please send us email.