Signature Detail

DB: PostgreSQL Bit Substring Buffer Overflow

This signature detects malformed SQL queries within a PostgreSQL request. A buffer overflow vulnerability exists in the PostgreSQL database server. The vulnerability is due to an error when executing the SQL substring function with malicious input. A remote authenticated attacker could leverage this vulnerability by sending a crafted SQL query to a target server. Successful exploitation could lead to the execution of arbitrary code on the target server.

Extended Description

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application. PostgreSQL 8.0.23 is vulnerable; other versions may also be affected.

Affected Products

• Avaya Aura Application Enablement Services 5.2
• Avaya Aura Application Enablement Services 5.2.1
• Avaya Aura Communication Manager 5.1
• Avaya Aura Communication Manager 5.2
• Avaya Aura Communication Manager 5.2.1
• Avaya Aura Presence Services 6.0
• Avaya Aura Session Manager 1.1
• Avaya Aura Session Manager 5.2
• Avaya Aura Session Manager 6.0
• Avaya Aura SIP Enablement Services 3.1
• Avaya Aura SIP Enablement Services 3.1.0
• Avaya Aura SIP Enablement Services 3.1.1
• Avaya Aura SIP Enablement Services 4.0
• Avaya Aura SIP Enablement Services 5.0
• Avaya Aura SIP Enablement Services 5.1
• Avaya Aura SIP Enablement Services 5.2
• Avaya Aura SIP Enablement Services 5.2.1
• Avaya Aura System Manager 5.2
• Avaya Aura System Manager 6.0 SP1
• Avaya Intuity AUDIX LX 2.0
• Avaya Intuity AUDIX LX 2.0 SP1
• Avaya Intuity AUDIX LX 2.0 SP2
• Avaya Meeting Exchange 5.0
• Avaya Meeting Exchange 5.1
• Avaya Meeting Exchange 5.2
• Avaya Meeting Exchange 5.2 SP1
• Avaya Message Networking 5.2
• Avaya Message Networking MN 3.1
• Avaya Voice Portal 4.0
• Avaya Voice Portal 4.1
• Avaya Voice Portal 4.1 SP1
• Avaya Voice Portal 4.1 SP2
• Avaya Voice Portal 5.0
• Avaya Voice Portal 5.0 SP1
• Avaya Voice Portal 5.0 SP2
• Avaya Voice Portal 5.1
• Debian Linux 5.0
• Debian Linux 5.0 Alpha
• Debian Linux 5.0 Amd64
• Debian Linux 5.0 Arm
• Debian Linux 5.0 Armel
• Debian Linux 5.0 Hppa
• Debian Linux 5.0 Ia-32
• Debian Linux 5.0 Ia-64
• Debian Linux 5.0 M68k
• Debian Linux 5.0 Mips
• Debian Linux 5.0 Mipsel
• Debian Linux 5.0 Powerpc
• Debian Linux 5.0 S/390
• Debian Linux 5.0 Sparc
• Gentoo Linux
• Mandriva Corporate Server 4.0
• Mandriva Corporate Server 4.0.0 X86 64
• Mandriva Enterprise Server 5
• Mandriva Enterprise Server 5 X86 64
• Mandriva Linux Mandrake 2008.0
• Mandriva Linux Mandrake 2008.0 X86 64
• Mandriva Linux Mandrake 2009.0
• Mandriva Linux Mandrake 2009.0 X86 64
• Mandriva Linux Mandrake 2009.1
• Mandriva Linux Mandrake 2009.1 X86 64
• Mandriva Linux Mandrake 2010.0
• Mandriva Linux Mandrake 2010.0 X86 64
• Pardus Linux 2009
• PostgreSQL 8.0.23
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux 5 Server
• Red Hat Enterprise Linux Desktop Version 4
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux Desktop 5 Client
• Red Hat Enterprise Linux Desktop Workstation 5 Client
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• Ubuntu Ubuntu Linux 6.06 LTS Amd64
• Ubuntu Ubuntu Linux 6.06 LTS I386
• Ubuntu Ubuntu Linux 6.06 LTS Powerpc
• Ubuntu Ubuntu Linux 6.06 LTS Sparc
• Ubuntu Ubuntu Linux 8.04 LTS Amd64
• Ubuntu Ubuntu Linux 8.04 LTS I386
• Ubuntu Ubuntu Linux 8.04 LTS Lpia
• Ubuntu Ubuntu Linux 8.04 LTS Powerpc
• Ubuntu Ubuntu Linux 8.04 LTS Sparc
• Ubuntu Ubuntu Linux 9.04 Amd64
• Ubuntu Ubuntu Linux 9.04 I386
• Ubuntu Ubuntu Linux 9.04 Lpia
• Ubuntu Ubuntu Linux 9.04 Powerpc
• Ubuntu Ubuntu Linux 9.04 Sparc
• Ubuntu Ubuntu Linux 9.10 Amd64
• Ubuntu Ubuntu Linux 9.10 I386
• Ubuntu Ubuntu Linux 9.10 Lpia
• Ubuntu Ubuntu Linux 9.10 Powerpc
• Ubuntu Ubuntu Linux 9.10 Sparc

References

• BugTraq: 37973
• CVE: CVE-2010-0442