bugtraq post

For the security minded:

Nico Leidecker <nicoLeidecker@web.de> posted this to bugtraq yesterday, fyi.

"I'd like to present a paper about security issues with PostgreSQL. The paper describes weaknesses in the configuration
thatmay 
+allow attackers to escalade privileges, execute shell commands and to upload arbitrary (binary) files via SQL
injections.

You can either get the TXT version from http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt
Or as PDF at at http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf

The paper comes with a tool called `pgshell' that can be downloaded at http://www.leidecker.info/pgshell"