Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL

Bruce Momjian <pgman@candle.pha.pa.us>

From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Vince Vielhaber <vev@michvhf.com>
Cc: pgsql-hackers@postgresql.org
Date: 2002-08-20T20:50:46Z
Lists: pgsql-hackers
Vince Vielhaber wrote:
> 
> Here's yet another.  He claims malicious code can be run on the server
> with this one.

> --[ Solution
> 
> Do you still running postgresql? ...Can't believe that...
> If so, execute the following command as a root: "killall -9 postmaster",
> and wait until the patch will be available.

You've got to love this last part.  ;-)

This has the attitude of "Oh, look at me, I found a bug.  Let me
publicize it and get more attention.  Aren't you proud of me?"

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073