| Name | CVE-2007-6601 |
| Description | The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DSA-1460-1, DSA-1463-1 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| postgresql | source | sarge | 7.4.7-6sarge6 | DSA-1463-1 | ||
| postgresql-7.4 | source | etch | 7.4.19-0etch1 | DSA-1463-1 | ||
| postgresql-8.1 | source | etch | 8.1.11-0etch1 | DSA-1460-1 | ||
| postgresql-8.1 | source | (unstable) | 8.1.11-1 | |||
| postgresql-8.2 | source | (unstable) | 8.2.6-1 |