I am sure the Security team is already on this....but an FYI. ----- Forwarded message from Sir Mordred The Traitor <[EMAIL PROTECTED]> -----
Envelope-to: [EMAIL PROTECTED] Delivery-date: Mon, 19 Aug 2002 12:35:47 -0400 Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:[EMAIL PROTECTED]> List-Unsubscribe: <mailto:[EMAIL PROTECTED]> List-Subscribe: <mailto:[EMAIL PROTECTED]> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Date: Mon, 19 Aug 2002 15:40:28 +0000 From: Sir Mordred The Traitor <[EMAIL PROTECTED]> To: bugtraq@securityfocus.com Subject: @(#) Mordred Labs advisory 0x0001: Buffer overflow in PostgreSQL // @(#) Mordred Labs Advisory 0x0001 Release data: 19/08/02 Name: Buffer overflow in PostgreSQL Versions affected: <= 7.2 Risk: average --[ Description: PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard, including transactions, foreign keys, subqueries, triggers, user-defined types and functions. There exists a stack based buffer overflow in cash_words() function, that potentially allows an attacker to execute malicious code. --[ How to reproduce: psql> select cash_words('-700000000000000000000000000000'); pgReadData() -- backend closed the channel unexpectedly. .... .... The connection to the server was lost... --[ Solution: Upgrade to version 7.2.1. ________________________________________________________________________ This letter has been delivered unencrypted. We'd like to remind you that the full protection of e-mail correspondence is provided by S-mail encryption mechanisms if only both, Sender and Recipient use S-mail. Register at S-mail.com: http://www.s-mail.com/inf/en ----- End forwarded message ----- -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import