Upstream information
Description
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
National Vulnerability Database | |
---|---|
Base Score | 6.8 |
Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Access Vector | Network |
Access Complexity | Low |
Authentication | Single |
Confidentiality Impact | None |
Integrity Impact | None |
Availability Impact | Complete |
- SUSE-SA:2008:005, published Wed, 06 Feb 2008 11:00:00 +0000
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Server 11 SP1 |
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA postgresql |
SUSE Linux Enterprise Server 11 SP2 |
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA postgresql |
SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA libecpg6 SUSE Linux Enterprise Server 11 SP3 GA postgresql |
SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA libecpg6 SUSE Linux Enterprise Server 11 SP4 GA postgresql |
SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA postgresql-devel SUSE Linux Enterprise Software Development Kit 11 SP4 GA postgresql94-devel |
SUSE LINUX 10.1 |
| |
Novell Linux Desktop 9 for x86 Open Enterprise Server |
|
sles9-oes.x86 core9.s390 YOU Patch Nr: 12065 |
Novell Linux Desktop 9 for x86_64 |
|
sles9-oes.x86 core9.s390 YOU Patch Nr: 12065 |