CVE-2009-3230 (retired)

Priority
Description
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8,
8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before
7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and
(2) RESET SESSION AUTHORIZATION operations, which allows remote
authenticated users to gain privileges. NOTE: this is due to an incomplete
fix for CVE-2007-6600.
Assigned-to
pitti
Package
Upstream:released (8.1.18)
Package
Upstream:released (8.3.8)
More Information

Updated: 2019-03-26 11:49:01 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)