CVE-2009-3229

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by re-LOAD-ing libraries from a certain plugins directory.

Affected Software

Name	Vendor	Start Version	End Version
Postgresql	Postgresql	8.2 (including)	8.2 (including)
Postgresql	Postgresql	8.2.1 (including)	8.2.1 (including)
Postgresql	Postgresql	8.2.2 (including)	8.2.2 (including)
Postgresql	Postgresql	8.2.3 (including)	8.2.3 (including)
Postgresql	Postgresql	8.2.4 (including)	8.2.4 (including)
Postgresql	Postgresql	8.2.5 (including)	8.2.5 (including)
Postgresql	Postgresql	8.2.6 (including)	8.2.6 (including)
Postgresql	Postgresql	8.2.7 (including)	8.2.7 (including)
Postgresql	Postgresql	8.2.8 (including)	8.2.8 (including)
Postgresql	Postgresql	8.2.9 (including)	8.2.9 (including)
Postgresql	Postgresql	8.2.10 (including)	8.2.10 (including)
Postgresql	Postgresql	8.2.11 (including)	8.2.11 (including)
Postgresql	Postgresql	8.2.12 (including)	8.2.12 (including)
Postgresql	Postgresql	8.2.13 (including)	8.2.13 (including)
Postgresql	Postgresql	8.3 (including)	8.3 (including)
Postgresql	Postgresql	8.3.1 (including)	8.3.1 (including)
Postgresql	Postgresql	8.3.2 (including)	8.3.2 (including)
Postgresql	Postgresql	8.3.3 (including)	8.3.3 (including)
Postgresql	Postgresql	8.3.4 (including)	8.3.4 (including)
Postgresql	Postgresql	8.3.5 (including)	8.3.5 (including)
Postgresql	Postgresql	8.3.6 (including)	8.3.6 (including)
Postgresql	Postgresql	8.3.7 (including)	8.3.7 (including)
Postgresql	Postgresql	8.4 (including)	8.4 (including)
Postgresql-8.3	Ubuntu	hardy	*
Postgresql-8.3	Ubuntu	intrepid	*
Postgresql-8.3	Ubuntu	jaunty	*
Postgresql-8.3	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-3229
CWE	https://cwe.mitre.org/data/definitions/.html

Affected Software

References