PostgreSQL Permissions Privileges and Access Controls Vulnerability - CVE-2007-3278 - Vulnerability Database

PostgreSQL Permissions Privileges and Access Controls Vulnerability - CVE-2007-3278

Medium

Reference: CVE-2007-3278

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-3278

Title: PostgreSQL Permissions Privileges and Access Controls Vulnerability

Overview:

PostgreSQL 8.1 and probably later versions when local trust authentication is enabled and the Database Link library (dblink) is installed allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.