CVE
- Id: 5360
- CVE No.: CVE-2002-0972
- Status: Candidate
- Description: Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
- Phase: Modified (20071113)
- Votes: MODIFY(1) Frech | NOOP(6) Armstrong, Christey, Cole, Cox, Foat, Wall
- Comments:
  - Christey> SUSE:SuSE-SA:2002:039
  - Christey> There are numerous PostgreSQL issues that were reported around the same time frame. Need to make sure that they are all properly identified.
  - Christey>
    - CONFIRM:http://marc.theaimsgroup.com/?l=postgresql-announce&m=103062536330644
    - CONFIRM:http://archives.postgresql.org/pgsql-announce/2002-08/msg00004.php
    - CONECTIVA:CLA-2002:524
    - URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000524
    - SUSE:SuSE-SA:2002:038
    - URL:http://www.suse.de/de/security/2002_038_postgresql.html
    - BUGTRAQ:20020826 GLSA: PostgreSQL
    - URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103036987114437&w=2
    - BUGTRAQ:20020824 Fwd: [GENERAL] PostgreSQL 7.2.2: Security Release
    - URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103021186622725&w=2
  - Christey>
    - MANDRAKE:MDKSA-2002:062
    - URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:062
    - REDHAT:RHSA-2003:015
    - URL:http://www.redhat.com/support/errata/RHSA-2003-015.html
  - Frech> XF:postgresql-lpad-rpad-bo(9927)
  - Christey> REDHAT:RHSA-2003:010