FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-1410

This CVE name corresponds to:

Entered Topic
2006-02-16 postgresql -- character conversion and tsearch2 vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-1410 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-1410
Phase Assigned(20050503)

Description

The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments.

References

Source Reference
CONFIRM http://www.postgresql.org/about/news.315
MLIST [pgsql-announce] 20050502 IMPORTANT: two new PostgreSQL security problems found
FEDORA FLSA-2006:157366
REDHAT RHSA-2005:433
SUSE SUSE-SA:2005:036
BID 13475
OVAL oval:org.mitre.oval:def:9343
VUPEN ADV-2005-0453
OVAL oval:org.mitre.oval:def:1086

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.