cve/CVE-2010-0442.md at eb8fb22b51df9332dc1ec68d0bcaedfdbefed8cd

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-16 20:27:21 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."

POC

Reference

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9720

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Dokukin1/Metasploitable
https://github.com/Iknowmyname/Nmap-Scans-M2
https://github.com/NikulinMS/13-01-hw
https://github.com/Zhivarev/13-01-hw
https://github.com/smabramov/Vulnerabilities-and-attacks-on-information-systems
https://github.com/zzzWTF/db-13-01

1.2 KiB Raw Blame History

CVE-2010-0442

Description

POC

Reference

Github

1.2 KiB

Raw Blame History