CVE-2007-6067 Information

Feb 14, 2021 cve

Description

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17 as used in PostgreSQL 8.2 before 8.2.6 8.1 before 8.1.11 8.0 before 8.0.15 and 7.4 before 7.4.19 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted \complex\ regular expression with doubly-nested states.

Reference

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html http://rhn.redhat.com/errata/RHSA-2013-0122.html http://secunia.com/advisories/28359 http://secunia.com/advisories/28376 http://secunia.com/advisories/28437 http://secunia.com/advisories/28438 http://secunia.com/advisories/28454 http://secunia.com/advisories/28455 http://secunia.com/advisories/28464 http://secunia.com/advisories/28477 http://secunia.com/advisories/28479 http://secunia.com/advisories/28679 http://secunia.com/advisories/28698 http://secunia.com/advisories/29638 http://security.gentoo.org/glsa/glsa-200801-15.xml http://securitytracker.com/id?1019157 http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894 http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1 http://www.debian.org/security/2008/dsa-1460 http://www.debian.org/security/2008/dsa-1463 http://www.mandriva.com/security/advisories?name=MDVSA-2008:004 http://www.postgresql.org/about/news.905 http://www.redhat.com/support/errata/RHSA-2008-0038.html http://www.redhat.com/support/errata/RHSA-2008-0040.html http://www.securityfocus.com/archive/1/485864/100/0/threaded http://www.securityfocus.com/archive/1/486407/100/0/threaded http://www.securityfocus.com/bid/27163 http://www.vupen.com/english/advisories/2008/0061 http://www.vupen.com/english/advisories/2008/0109 http://www.vupen.com/english/advisories/2008/1071/references https://exchange.xforce.ibmcloud.com/vulnerabilities/39498 https://issues.rpath.com/browse/RPL-1768 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10235 https://usn.ubuntu.com/568-1/ https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

Share on: