Forum OpenACS Q&A: Another bugtraq posting: Buffer overflow in PostgreSQL

Collapse
Posted by Jade Rubick on
Let me know if you'd rather not receive this:
From: Sir Mordred The Traitor 
Date: Tue Aug 20, 2002  07:28:49 AM US/Pacific
To: bugtraq@securityfocus.com
Subject: @(#)Mordred Labs advisory 0x0003: Buffer overflow in 
PostgreSQL


//@(#)Mordred Labs advisory 0x0003

Release data: 20/08/02
Name: Buffer overflow in PostgreSQL
Versions affected: all versions
Risk: high

--[ Description:

...PostgreSQL is a sophisticated Object-Relational DBMS,
supporting almost all SQL constructs, including subselects,
transactions, and user-defined types and functions. It is the
most advanced open-source database available 
anywhere...blah...blah...
For more info check out this link:
http://www.postgresql.org/idocs/index.php?preface.html#INTRO-
WHATIS

There exists a heap buffer overflow in a repeat(text, integer) 
function,
which
allows an attacker to execute malicious code.

--[ Details:

Upon invoking a repeat() function, a
src/backend/utils/adt/oracle_compat.c::repeat() function
will gets called which suffers from a buffer overflow.

--[ How to reproduce:

psql> select repeat('xxx',1431655765);
pqReadData() -- backend closed the channel unexpectedly.
        This probably means the backend terminated abnormally
        before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.

--[ Solution

Do you still running postgresql? ...Can't believe that...
If so, execute the following command as a root: "killall -9 
postmaster",
and wait until the patch will be available.