CVE - CVE-2006-5540

CVE-ID
CVE-2006-5540	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:20717 URL:http://www.securityfocus.com/bid/20717 CONFIRM:http://projects.commandprompt.com/public/pgsql/changeset/25504 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm CONFIRM:http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html CONFIRM:http://www.postgresql.org/about/news.664 MANDRIVA:MDKSA-2006:194 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:194~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:11425 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11425 REDHAT:RHSA-2007:0064 URL:http://www.redhat.com/support/errata/RHSA-2007-0064.html REDHAT:RHSA-2007:0067 URL:http://www.redhat.com/support/errata/RHSA-2007-0067.html REDHAT:RHSA-2007:0068 URL:http://www.redhat.com/support/errata/RHSA-2007-0068.html SECTRACK:1017115 URL:http://securitytracker.com/id?1017115 SECUNIA:22562 URL:http://secunia.com/advisories/22562 SECUNIA:22584 URL:http://secunia.com/advisories/22584 SECUNIA:22606 URL:http://secunia.com/advisories/22606 SECUNIA:22636 URL:http://secunia.com/advisories/22636 SECUNIA:23048 URL:http://secunia.com/advisories/23048 SECUNIA:23132 URL:http://secunia.com/advisories/23132 SECUNIA:24094 URL:http://secunia.com/advisories/24094 SECUNIA:24284 URL:http://secunia.com/advisories/24284 SECUNIA:24577 URL:http://secunia.com/advisories/24577 SGI:20070201-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc SUSE:SUSE-SR:2006:027 URL:http://www.novell.com/linux/security/advisories/2006_27_sr.html TRUSTIX:2006-0059 URL:~~http://www.trustix.org/errata/2006/0059/~~ (Obsolete source - check if archived by the Wayback Machine) UBUNTU:USN-369-1 URL:http://www.ubuntu.com/usn/usn-369-1 UBUNTU:USN-369-2 URL:http://www.ubuntu.com/usn/usn-369-2 VUPEN:ADV-2006-4182 URL:~~http://www.vupen.com/english/advisories/2006/4182~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20061026	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061026)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)