PostgreSQL 8.1.0 up to and including 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postgresql postgresql 8.1.0 |
||
postgresql postgresql 8.1.1 |
||
postgresql postgresql 8.1.2 |