VDB
CVE-2007-3278
CVE-2007-3278
PUBLISHED
Reported by mitre · Published June 19, 2007
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a, n/a |
Timeline
- Jun 19, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- DSA-1460 vendor-advisoryx_refsource_DEBIAN
- 28445 third-party-advisoryx_refsource_SECUNIA
- RHSA-2008:0038 vendor-advisoryx_refsource_REDHAT
- 20070618 Re: Having Fun With PostgreSQL mailing-listx_refsource_BUGTRAQ
- 28454 third-party-advisoryx_refsource_SECUNIA
- x_refsource_MISC
- 28679 third-party-advisoryx_refsource_SECUNIA
- ADV-2008-0109 vdb-entryx_refsource_VUPEN
- MDKSA-2007:188 vendor-advisoryx_refsource_MANDRIVA
- postgresql-dblink-sql-injection(35142) vdb-entryx_refsource_XF
- 28376 third-party-advisoryx_refsource_SECUNIA
- 103197 vendor-advisoryx_refsource_SUNALERT
- 28437 third-party-advisoryx_refsource_SECUNIA
- 28477 third-party-advisoryx_refsource_SECUNIA
- 29638 third-party-advisoryx_refsource_SECUNIA
- 28479 third-party-advisoryx_refsource_SECUNIA
- DSA-1463 vendor-advisoryx_refsource_DEBIAN
- RHSA-2008:0040 vendor-advisoryx_refsource_REDHAT
- SSRT080006 vendor-advisoryx_refsource_HP
- 200559 vendor-advisoryx_refsource_SUNALERT
…and 9 more