Upstream information

CVE-2005-0245 at MITRE

Description

Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 65191, 65692 [RESOLVED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • postgresql >= 7.2.7-4
  • postgresql-devel >= 7.2.7-4
  • postgresql-jdbc >= 7.2.7-4
  • postgresql-libs >= 7.2.7-4
  • postgresql-odbc >= 7.2.7-4
  • postgresql-perl >= 7.2.7-4
  • postgresql-python >= 7.2.7-4
  • postgresql-server >= 7.2.7-4
  • postgresql-tcl >= 7.2.7-4
ul1.s390
ul1.ia64
ul1.s390x
slox4,2.x86
ul1.x86-64
ul1.ppc
YOU Patch Nr: 10013
SUSE LINUX 9.1 for IA32
  • postgresql >= 7.4.7-0.5
  • postgresql-contrib >= 7.4.7-0.5
  • postgresql-devel >= 7.4.7-0.5
  • postgresql-docs >= 7.4.7-0.5
  • postgresql-libs >= 7.4.7-0.5
  • postgresql-pl >= 7.4.7-0.5
  • postgresql-server >= 7.4.7-0.5
SUSE LINUX 9.1 for x86-64
  • postgresql >= 7.4.7-0.5
  • postgresql-contrib >= 7.4.7-0.5
  • postgresql-devel >= 7.4.7-0.5
  • postgresql-docs >= 7.4.7-0.5
  • postgresql-libs >= 7.4.7-0.5
  • postgresql-libs-32bit >= 9.1-200504131537
  • postgresql-pl >= 7.4.7-0.5
  • postgresql-server >= 7.4.7-0.5
SUSE LINUX 9.2
  • postgresql >= 7.4.7-0.3
  • postgresql-contrib >= 7.4.7-0.3
  • postgresql-devel >= 7.4.7-0.3
  • postgresql-docs >= 7.4.7-0.3
  • postgresql-libs >= 7.4.7-0.3
  • postgresql-libs-32bit >= 9.2-200504131606
  • postgresql-pl >= 7.4.7-0.3
  • postgresql-server >= 7.4.7-0.3
SUSE LINUX 9.3
  • postgresql >= 8.0.1-6
  • postgresql-contrib >= 8.0.1-6
  • postgresql-devel >= 8.0.1-6
  • postgresql-docs >= 8.0.1-6
  • postgresql-libs >= 8.0.1-6
  • postgresql-libs-32bit >= 9.3-7.1
  • postgresql-pl >= 8.0.1-6
  • postgresql-server >= 8.0.1-6
SUSE LINUX Retail Solution 8
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
  • postgresql >= 7.2.8-2
  • postgresql-devel >= 7.2.8-2
  • postgresql-jdbc >= 7.2.8-2
  • postgresql-libs >= 7.2.8-2
  • postgresql-odbc >= 7.2.8-2
  • postgresql-perl >= 7.2.8-2
  • postgresql-python >= 7.2.8-2
  • postgresql-server >= 7.2.8-2
  • postgresql-tcl >= 7.2.8-2
slox4,2.x86
ul1.ia64
ul1.ppc
ul1.x86-64
ul1.s390
YOU Patch Nr: 10229
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • postgresql >= 7.4.8-0.6
  • postgresql-contrib >= 7.4.8-0.6
  • postgresql-devel >= 7.4.8-0.6
  • postgresql-docs >= 7.4.8-0.6
  • postgresql-libs >= 7.4.8-0.6
  • postgresql-pl >= 7.4.8-0.6
  • postgresql-server >= 7.4.8-0.6
suse91.s390
suse91.ia64
suse91.x86
suse91.ppc
YOU Patch Nr: 10230
SUSE LINUX 9.1 for IA32
  • postgresql >= 7.4.8-0.6
  • postgresql-contrib >= 7.4.8-0.6
  • postgresql-devel >= 7.4.8-0.6
  • postgresql-docs >= 7.4.8-0.6
  • postgresql-libs >= 7.4.8-0.6
  • postgresql-pl >= 7.4.8-0.6
  • postgresql-server >= 7.4.8-0.6
SUSE LINUX 9.1 for x86-64
  • postgresql >= 7.4.8-0.6
  • postgresql-contrib >= 7.4.8-0.6
  • postgresql-devel >= 7.4.8-0.6
  • postgresql-docs >= 7.4.8-0.6
  • postgresql-libs >= 7.4.8-0.6
  • postgresql-libs-32bit >= 9.1-200506061950
  • postgresql-pl >= 7.4.8-0.6
  • postgresql-server >= 7.4.8-0.6
SUSE LINUX 9.2
  • postgresql >= 7.4.8-0.3
  • postgresql-contrib >= 7.4.8-0.3
  • postgresql-devel >= 7.4.8-0.3
  • postgresql-docs >= 7.4.8-0.3
  • postgresql-libs >= 7.4.8-0.3
  • postgresql-libs-32bit >= 9.2-200506062019
  • postgresql-pl >= 7.4.8-0.3
  • postgresql-server >= 7.4.8-0.3
SUSE LINUX 9.3
  • postgresql >= 8.0.3-1.2
  • postgresql-contrib >= 8.0.3-1.2
  • postgresql-devel >= 8.0.3-1.2
  • postgresql-docs >= 8.0.3-1.2
  • postgresql-libs >= 8.0.3-1.2
  • postgresql-libs-32bit >= 9.3-7.2
  • postgresql-pl >= 8.0.3-1.2
  • postgresql-server >= 8.0.3-1.2
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Open Enterprise Server
  • postgresql >= 7.4.7-0.5
  • postgresql-contrib >= 7.4.7-0.5
  • postgresql-devel >= 7.4.7-0.5
  • postgresql-docs >= 7.4.7-0.5
  • postgresql-libs >= 7.4.7-0.5
  • postgresql-pl >= 7.4.7-0.5
  • postgresql-server >= 7.4.7-0.5
suse91.x86-64
suse91.s390
suse91.s390x
suse91.ia64
suse91.ppc
suse91.x86
YOU Patch Nr: 10012