Your submission was sent successfully! Close

CVE-2013-1901

Published: 04 April 2013

PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.

Priority

Medium

Status

Package Release Status
postgresql-8.2
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.3
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.4
Launchpad, Ubuntu, Debian
Upstream
Released (8.4.17)
postgresql-9.1
Launchpad, Ubuntu, Debian
Upstream
Released (9.1.9)