Re: [GENERAL] PostgreSQL 7.2.2: Security Release

Поиск
Список
Период
Сортировка
От Gavin Sherry
Тема Re: [GENERAL] PostgreSQL 7.2.2: Security Release
Дата
Msg-id Pine.LNX.4.21.0208252336280.19755-100000@linuxworld.com.au
обсуждение исходный текст
Ответ на Re: [GENERAL] PostgreSQL 7.2.2: Security Release  (Bruce Momjian <pgman@candle.pha.pa.us>)
Ответы Re: [GENERAL] PostgreSQL 7.2.2: Security Release
Список pgsql-hackers
On Sat, 24 Aug 2002, Bruce Momjian wrote:

> 
> The issue is data-provoked crashes vs. query-invoked crashes.  Marc's
> point, and I think it was clear enough, is that you can't just poke at
> the TCP port and hope to do anything bad, which was the thrust of the
> argument, I think.

Bruce,

I am convinced that someone with enough time on their hands and some code
pointed to by Florian Weimer could exploit the datetime overrun issue by
crafting a datetime string in such a way as to overrun the buffer and
smash the stack.

In applications which pass date/time data directly to the database without
any validation (is this datetime string greater than 52 bytes? does it
look like a date/time string?) then a malicious user without direct
database access could crash the database by taking advantage of the short
comings in Postgres and the application.

As such, I would recommend all people who offer direct access to the
database and/or have applications which user date/time data
types/functionality to upgrade to 7.2.2.

Gavin




В списке pgsql-hackers по дате отправления:

Предыдущее
От: "Nigel J. Andrews"
Дата:
Сообщение: A configure.in patch check (fwd)
Следующее
От: Bruce Momjian
Дата:
Сообщение: Re: [GENERAL] PostgreSQL 7.2.2: Security Release