Vulnerability Details : CVE-2010-0442
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."
Vulnerability category: Denial of service
Threat overview for CVE-2010-0442
Top countries where our scanners detected CVE-2010-0442
Top open port discovered on systems with this issue
5432
IPs affected by CVE-2010-0442 11,263
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-0442!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-0442
Probability of exploitation activity in the next 30 days: 96.00%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0442
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2010-0442
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0442
-
https://bugzilla.redhat.com/show_bug.cgi?id=559259
559259 – (CVE-2010-0442) CVE-2010-0442 postgresql: substring() negative length argument buffer overflowIssue Tracking;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0429.html
SupportThird Party Advisory
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567058
#567058 - postgresql-8.3 - Segfault in substring - Debian Bug report logsThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9720
Repository / Oval RepositoryThird Party Advisory
-
http://archives.postgresql.org/pgsql-committers/2010-01/msg00125.php
PostgreSQL: pgsql: Make bit/varbit substring() treat any negative length as meaningVendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=559194
559194 – PostgreSQL 8.0.23 bitsubstr overflowIssue Tracking;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0428.html
SupportThird Party Advisory
-
http://www.vupen.com/english/advisories/2010/1197
Webmail | OVH- OVHPermissions Required
-
http://www.vupen.com/english/advisories/2010/1221
Webmail | OVH- OVHPermissions Required
-
http://ubuntu.com/usn/usn-933-1
USN-933-1: PostgreSQL vulnerability | Ubuntu security noticesThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0427.html
SupportThird Party Advisory
-
http://securitytracker.com/id?1023510
PostgreSQL Substring Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2010/1207
Webmail | OVH- OVHPermissions Required
-
http://www.debian.org/security/2010/dsa-2051
Debian -- Security Information -- DSA-2051-1 postgresql-8.3Third Party Advisory
-
http://www.vupen.com/english/advisories/2010/1022
Webmail | OVH- OVHPermissions Required
-
http://archives.postgresql.org/pgsql-hackers/2010-01/msg00634.php
PostgreSQL: Re: Patch: Allow substring/replace() to get/set bit valuesVendor Advisory
-
http://www.securityfocus.com/bid/37973
PostgreSQL 'bitsubstr' Buffer Overflow VulnerabilityExploit;Third Party Advisory;VDB Entry
-
http://intevydis.blogspot.com/2010/01/postgresql-8023-bitsubstr-overflow.html
intevydis security researchThird Party Advisory
-
http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=75dea10196c31d98d98c0bafeeb576ae99c09b12
git.postgresql.org GitVendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:103
mandriva.comBroken Link
-
http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=b15087cb39ca9e4bde3c8920fcee3741045d2b83
git.postgresql.org GitVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/55902
PostgreSQL SUBSTRING buffer overflow CVE-2010-0442 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2010/01/27/5
oss-security - Re: CVE id request: postgresql bitsubstr overflowMailing List;Third Party Advisory
Products affected by CVE-2010-0442
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*