Re: CVE-2013-1899 security issue and limited IP addresses in pg_hba.conf

Поиск
Список
Период
Сортировка
От Devrim Gündüz
Тема Re: CVE-2013-1899 security issue and limited IP addresses in pg_hba.conf
Дата
Msg-id d252077c-7ce0-4d48-91bd-5d32cc99de88@email.android.com
обсуждение исходный текст
Ответ на CVE-2013-1899 security issue and limited IP addresses in pg_hba.conf  (Mads.Tandrup@schneider-electric.com)
Список pgsql-general
Дерево обсуждения
Hi,

pg_hba.conf does not have protection for this security issue.

Regards, Devrim

Mads.Tandrup@schneider-electric.com wrote:
Hi All

I'm trying to understand the implications of the latest security fix to postgresql [1].

We have a setup were we in pg_hba.conf have limited the allowed IP addresses of the clients. But does anyone know if CVE-2013-1899 allows an arbitrary attacker to use the exploits described in [1]?

We are using PostgreSQL 8.4.

Best regards,
Mads

[1] http://www.postgresql.org/support/security/faq/2013-04-04/


--
Devrim Gündüz

В списке pgsql-general по дате отправления:

Предыдущее
От: Mads.Tandrup@schneider-electric.com
Дата:
Сообщение: CVE-2013-1899 security issue and limited IP addresses in pg_hba.conf
Следующее
От: Bruce Momjian
Дата:
Сообщение: Re: CVE-2013-1899 security issue and limited IP addresses in pg_hba.conf