cve/2007/CVE-2007-3278.md

### [CVE-2007-3278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Live-Hack-CVE/CVE-2007-6601
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2007-3278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/Live-Hack-CVE/CVE-2007-6601`