Re: [SECURITY] DoS attack on backend possible (was: Re:
Greg Copeland <greg@copelandconsulting.net>
From: Greg Copeland <greg@CopelandConsulting.Net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Justin Clift <justin@postgresql.org>, Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>, PostgresSQL Hackers Mailing List <pgsql-hackers@postgresql.org>
Date: 2002-08-12T13:24:16Z
Lists: pgsql-hackers
Well, if it's a buffer overrun, there is certainly potential for risks well beyond that of simply crashing the "be". It's certainly possible that a simple bug in one cgi script or web site could allow someone to execute code on the database host because of this bug. Assuming they are running the "be" as "postgres" or some other seemingly harmless user, it's still possible that complete destruction of any and all databases which are hosted and accessible by this user can be utterly destroyed or miscellaneously corrupted. Buffer over runs should be treated with the up most urgency and respect. IMO, any known buffer overrun is worthy of an emergency fix and corresponding advisory. Greg Copeland On Sun, 2002-08-11 at 12:09, Tom Lane wrote: > Justin Clift <justin@postgresql.org> writes: > > Am I understanding this right: > > - A PostgreSQL 7.2.1 server can be crashed if it gets passed certain > > date values which would be accepted by standard "front end" parsing? > > AFAIK it's a buffer overrun issue, so anything that looks like a > reasonable date would *not* cause the problem. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/users-lounge/docs/faq.html