PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Postgresql | Postgresql | 7.2 (including) | 7.2 (including) |
| Postgresql | Postgresql | 7.2.1 (including) | 7.2.1 (including) |
| Postgresql | Postgresql | 7.2.2 (including) | 7.2.2 (including) |
References
- http://archives.postgresql.org/pgsql-announce/2002-10/msg00000.php
- http://www.kb.cert.org/vuls/id/891177
- http://www.redhat.com/support/errata/RHSA-2003-001.html
- http://www.securityfocus.com/bid/7657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11102
- http://archives.postgresql.org/pgsql-announce/2002-10/msg00000.php
- http://www.kb.cert.org/vuls/id/891177
- http://www.redhat.com/support/errata/RHSA-2003-001.html
- http://www.securityfocus.com/bid/7657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11102