CVE-2007-6601

NameCVE-2007-6601
DescriptionThe DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-1460-1, DSA-1463-1
NVD severityhigh (attack range: local)
Debian/oldoldstablenot known to be vulnerable.
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
postgresqlsourcesarge7.4.7-6sarge6highDSA-1463-1
postgresql-7.4sourceetch7.4.19-0etch1highDSA-1463-1
postgresql-8.1source(unstable)8.1.11-1high
postgresql-8.1sourceetch8.1.11-0etch1highDSA-1460-1
postgresql-8.2source(unstable)8.2.6-1high

Search for package or bug name: Reporting problems