VulnerableCode Package Details - pkg:ebuild/dev-db/postgresql-server@8.4.11

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1qsp-wvwq-j3f5	It is possible to cause a momentary denial of service when there is a failure to convert a localized error message to the client-specified encoding. A valid login is required to exploit this vulnerability.more details	CVE-2009-0922
VCID-1uzm-h9m3-akge	Insecure permissions on the pltcl_modules table could allow an authenticated user to run arbitrary Tcl code on the database server if PL/Tcl is installed and enabled.more details	CVE-2010-1170
VCID-666x-ret3-xufr	An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters.more details	CVE-2010-4015
VCID-6dmy-t1qp-nuf3	If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.more details	CVE-2009-3231
VCID-6vh2-2sja-xba9	Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.	CVE-2010-0733
VCID-721k-9zdg-buhv	The fix for issue CVE-2007-6600 (below) failed to include protection against misuse of RESET SESSION AUTHORIZATION.more details	CVE-2009-3230
VCID-7ev2-5qge-uubs	Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.	CVE-2010-0442
VCID-7q99-jk4u-1fen	An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges.Detailsmore details	CVE-2010-3433
VCID-c8ch-zd9x-kufn	NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details	CVE-2009-4034
VCID-cffd-gdpc-uqeb	A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled.more details	CVE-2010-1169
VCID-s8a2-wbb4-dyda	Authenticated non-superusers can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there.more details	CVE-2009-3229
VCID-sxmd-5tzu-hkav	Multiple vulnerabilities were found in PHP, the worst of which leading to remote execution of arbitrary code.	CVE-2011-2483
VCID-u5h4-4p6j-wbay	Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).more details	CVE-2009-4136
VCID-v69z-cmag-xfaf	An unprivileged database user can remove superuser-only settings that were applied to his account with ALTER USER by a superuser, thus bypassing settings that should be enforced.more details	CVE-2010-1975
VCID-xzhq-u9n2-c3gn	Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.	CVE-2010-1447

Vulnerability

Summary

Aliases

VCID-1qsp-wvwq-j3f5

It is possible to cause a momentary denial of service when there is a failure to convert a localized error message to the client-specified encoding. A valid login is required to exploit this vulnerability.more details

CVE-2009-0922

VCID-1uzm-h9m3-akge

Insecure permissions on the pltcl_modules table could allow an authenticated user to run arbitrary Tcl code on the database server if PL/Tcl is installed and enabled.more details

CVE-2010-1170

VCID-666x-ret3-xufr

An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters.more details

CVE-2010-4015

VCID-6dmy-t1qp-nuf3

If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.more details

CVE-2009-3231

VCID-6vh2-2sja-xba9

Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.

CVE-2010-0733

VCID-721k-9zdg-buhv

The fix for issue CVE-2007-6600 (below) failed to include protection against misuse of RESET SESSION AUTHORIZATION.more details

CVE-2009-3230

VCID-7ev2-5qge-uubs

Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.

CVE-2010-0442

VCID-7q99-jk4u-1fen

An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges.Detailsmore details

CVE-2010-3433

VCID-c8ch-zd9x-kufn

NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue.more details

CVE-2009-4034

VCID-cffd-gdpc-uqeb

A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled.more details

CVE-2010-1169

VCID-s8a2-wbb4-dyda

Authenticated non-superusers can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there.more details

CVE-2009-3229

VCID-sxmd-5tzu-hkav

Multiple vulnerabilities were found in PHP, the worst of which leading to remote execution of arbitrary code.

CVE-2011-2483

VCID-u5h4-4p6j-wbay

Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (below).more details

CVE-2009-4136

VCID-v69z-cmag-xfaf

An unprivileged database user can remove superuser-only settings that were applied to his account with ALTER USER by a superuser, thus bypassing settings that should be enforced.more details

CVE-2010-1975

VCID-xzhq-u9n2-c3gn

Multiple vulnerabilities in the PostgreSQL server and client allow remote attacker to conduct several attacks, including the execution of arbitrary code and Denial of Service.

CVE-2010-1447

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:12:18.687072+00:00	Gentoo Importer	Fixing	VCID-sxmd-5tzu-hkav	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.619444+00:00	Gentoo Importer	Fixing	VCID-666x-ret3-xufr	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.529849+00:00	Gentoo Importer	Fixing	VCID-7q99-jk4u-1fen	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.461684+00:00	Gentoo Importer	Fixing	VCID-v69z-cmag-xfaf	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.392486+00:00	Gentoo Importer	Fixing	VCID-xzhq-u9n2-c3gn	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.321944+00:00	Gentoo Importer	Fixing	VCID-1uzm-h9m3-akge	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.250333+00:00	Gentoo Importer	Fixing	VCID-cffd-gdpc-uqeb	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.190980+00:00	Gentoo Importer	Fixing	VCID-6vh2-2sja-xba9	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:18.080852+00:00	Gentoo Importer	Fixing	VCID-7ev2-5qge-uubs	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.994625+00:00	Gentoo Importer	Fixing	VCID-u5h4-4p6j-wbay	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.931126+00:00	Gentoo Importer	Fixing	VCID-c8ch-zd9x-kufn	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.863122+00:00	Gentoo Importer	Fixing	VCID-6dmy-t1qp-nuf3	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.808352+00:00	Gentoo Importer	Fixing	VCID-721k-9zdg-buhv	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.745399+00:00	Gentoo Importer	Fixing	VCID-s8a2-wbb4-dyda	https://security.gentoo.org/glsa/201110-22	38.0.0
2026-04-01T13:12:17.683209+00:00	Gentoo Importer	Fixing	VCID-1qsp-wvwq-j3f5	https://security.gentoo.org/glsa/201110-22	38.0.0