Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
bugtraq post
- From: Ray Stell <stellr(at)cns(dot)vt(dot)edu>
- To: pgsql-admin(at)postgresql(dot)org
- Subject: bugtraq post
- Date: Sun, 17 Jun 2007 08:56:06 -0400
For the security minded: Nico Leidecker <nicoLeidecker(at)web(dot)de> posted this to bugtraq yesterday, fyi. "I'd like to present a paper about security issues with PostgreSQL. The paper describes weaknesses in the configuration that may +allow attackers to escalade privileges, execute shell commands and to upload arbitrary (binary) files via SQL injections. You can either get the TXT version from http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt Or as PDF at at http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf The paper comes with a tool called `pgshell' that can be downloaded at http://www.leidecker.info/pgshell";
- Follow-Ups:
- Re: bugtraq post
- From: Dawid Kuroczko
- Re: bugtraq post
- Prev by Date: Bug #2993 on PG 8.2.4
- Next by Date: Re: Which file to download binary, rpms or srpms?
- Previous by thread: Bug #2993 on PG 8.2.4
- Next by thread: Re: bugtraq post
- Indexes: