CVE-2007-6601
Description
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
Risk Information
Base Score
8.4
MODERATE
Vector
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.709
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2007-4769,CVE-2007-6067,CVE-2007-6601 are affected in Postgresql 8.2.4 | Windows |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.2.6 | Windows |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.1.11 | Windows |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.0.15 | Windows |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 7.4.19 | Windows |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600 are fixed in PostgreSQL 7.3.21 | Windows |
| Vulnerability CVE-2007-4769,CVE-2007-6067,CVE-2007-6601 are affected in Postgresql 8.2.4 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.2.6 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.1.11 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 8.0.15 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600,CVE-2007-4769 are fixed in PostgreSQL 7.4.19 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601,CVE-2007-6600 are fixed in PostgreSQL 7.3.21 (For Linux) | Linux |
| Postgresql-server update (ELSA-2024-10882) postgresql-server-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-pltcl update (ELSA-2024-10882) postgresql-pltcl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plpython update (ELSA-2024-10882) postgresql-plpython-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plperl update (ELSA-2024-10882) postgresql-plperl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-docs update (ELSA-2024-10882) postgresql-docs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-contrib update (ELSA-2024-10882) postgresql-contrib-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-test update (ELSA-2024-10882) postgresql-test-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234