Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-4575

The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.

Related bugs and status

CVE-2012-4575 (Candidate) is related to these bugs:

Bug #1083414: DoS-Vulnerability in pgbouncer

		In	Importance	Status
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu)	Undecided	Fix Released
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu Quantal)	Undecided	Fix Released
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu Raring)	Undecided	Fix Released
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu Lucid)	Undecided	Fix Released
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu Oneiric)	Undecided	Fix Released
1083414	DoS-Vulnerability in pgbouncer	pgbouncer (Ubuntu Precise)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://openwall.com/li...
MISC: http://bugs.debian.org...
MISC: http://git.postgresql....
MISC: https://bugzilla.redha...