Intrusion Prevention

PostgreSQL.Bit.Substring.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the PostgreSQL database server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SQL substring function with malicious input. It allows a remote attacker to cause a denial of service (daemon crash).

Affected Products

PostgreSQL PostgreSQL 8.0.23

Impact

Denial of service

Recommended Actions

Apply the patch supplied by the vendor:
http://archives.postgresql.org/pgsql-committers/2010-01/msg00125.php

CVE References

CVE-2010-0442