CVE-2010-0442 : Detail

CVE-2010-0442

72.49%V3
Network
2010-02-02
17h00 +00:00
2017-09-18
10h57 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-189 Category : Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Metrics

Metrics Score Severity CVSS Vector Source
V2 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Exploit information

Exploit Database EDB-ID : 33571

Publication date : 2010-01-26 23h00 +00:00
Author : Intevydis
EDB Verified : Yes

source: https://www.securityfocus.com/bid/37973/info PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application. PostgreSQL 8.0.23 is vulnerable; other versions may also be affected. testdb=# select substring(B'101010101010101010101010101010101010 10101010101',33,-15);

Products Mentioned

Configuraton 0

Postgresql>>Postgresql >> Version From (including) 7.4 To (excluding) 7.4.28

Postgresql>>Postgresql >> Version From (including) 8.0 To (excluding) 8.0.24

Postgresql>>Postgresql >> Version From (including) 8.1 To (excluding) 8.1.20

Postgresql>>Postgresql >> Version From (including) 8.2 To (excluding) 8.2.16

Postgresql>>Postgresql >> Version From (including) 8.3 To (excluding) 8.3.10

Postgresql>>Postgresql >> Version From (including) 8.4 To (excluding) 8.4.3

References

http://www.redhat.com/support/errata/RHSA-2010-0427.html
Tags : vendor-advisory, x_refsource_REDHAT
http://securitytracker.com/id?1023510
Tags : vdb-entry, x_refsource_SECTRACK
http://www.redhat.com/support/errata/RHSA-2010-0428.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2010/dsa-2051
Tags : vendor-advisory, x_refsource_DEBIAN
http://ubuntu.com/usn/usn-933-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/39820
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2010/01/27/5
Tags : mailing-list, x_refsource_MLIST
http://www.vupen.com/english/advisories/2010/1221
Tags : vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/37973
Tags : vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2010/1207
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/1022
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/39566
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2010-0429.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2010:103
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/39939
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1197
Tags : vdb-entry, x_refsource_VUPEN