DB: PostgreSQL Database Link Library Linux Remote Code Execution
This signature detects attempts to exploit a known vulnerability against PostgreSQL. A successful attack can lead to arbitrary code execution.
Extended Description
The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
Affected Products
Postgresql postgresql
References
CVE: CVE-2007-3280
Short Name
DB:POSTGRESQL:LINUX-DBLINK-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2007-3280 Code Database Execution Library Link Linux PostgreSQL Remote
Release Date
03/21/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3407
Port
TCP/5432
False Positive
Unknown
Vendors
Postgresql
CVSS Score
9.0