Privilege Escalation via Validator Functions in PostgreSQL

Privilege Escalation via Validator Functions in PostgreSQL

CVE-2014-0061 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.