CVE-2006-5540 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-5540
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5540

Description: backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-369-2 http://www.ubuntu.com/usn/usn-369-1 TRUSTIX http://www.trustix.org/errata/2006/0059/ SUSE http://www.novell.com/linux/security/advisories/2006_27_sr.html ST 1017115 SGI SAID Secunia Advisory: SA22606 Secunia Advisory: SA22562 Secunia Advisory: SA22584 Secunia Advisory: SA22636 Secunia Advisory: SA23048 Secunia Advisory: SA23132 Secunia Advisory: SA24094 Secunia Advisory: SA24577 Secunia Advisory: SA24284 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0064.html http://www.redhat.com/support/errata/RHSA-2007-0068.html http://www.redhat.com/support/errata/RHSA-2007-0067.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:194 CONFIRM http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm http://www.postgresql.org/about/news.664 http://projects.commandprompt.com/public/pgsql/changeset/25504 BID 20717

Return to the previous page.