Home > mailing lists

Re: postgres vulnerability - Mailing list pgsql-hackers

From	Stephan Szabo
Subject	Re: postgres vulnerability
Date	October 10, 2004 17:48:51
Msg-id	20041010064438.M66363@megazone.bigpanda.com Whole thread Raw
In response to	Re: postgres vulnerability (Neil Conway <neilc@samurai.com>)
Responses	Re: postgres vulnerability
List	pgsql-hackers

Tree view

On Sun, 10 Oct 2004, Neil Conway wrote:

> Gaetano Mendola wrote:
> > Here  http://www.sans.org/top20/#u9
> > are listed postgres vulnerability it's sad see that almost all
> > are related to third part components
>
> "Almost all"? By my count, 12 of the 17 vulnerabilities refer to
> legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.

However, even removing "almost all" from the comment, it's still pretty
sad that a "trusted source for computer security training, certification
and research" would have a >25% miss rate on properly categorizing
vulnerabilities.

pgsql-hackers by date:

From: Gaetano Mendola
Date: 10 October 2004, 16:50:23
Subject: Re: postgres vulnerability

From: ohp@pyrenet.fr
Date: 10 October 2004, 22:27:44
Subject: Re: beta3 on unixware 714

Re: postgres vulnerability - Mailing list pgsql-hackers

Previous

Next