Home > mailing lists

postgresql command line exploit found in the wild - Mailing list pgsql-general

From	Merlin Moncure
Subject	postgresql command line exploit found in the wild
Date	April 8, 2013 18:07:27
Msg-id	CAHyXU0xJMZHd62ozJkUjzduKY4u0SWgv16bda2cLOZ3J_tyZuQ@mail.gmail.com Whole thread Raw
Responses	Re: postgresql command line exploit found in the wild
List	pgsql-general

Tree view

see: http://schemaverse.tumblr.com/post/47312545952/the-schemaverse-was-hacked

if you have an internet facing database, patch it immediately!
(personally, I would only do this through a service such as pgbouncer
runnning under extremely limited account).  do not delay!

merlin

pgsql-general by date:

From: Richard Harley
Date: 08 April 2013, 17:17:46
Subject: Re: Selecting timestamp from Database

From: Jared Beck
Date: 08 April 2013, 18:25:22
Subject: Re: [Maintainers] REL/Centos4 release of 8.4.17?

postgresql command line exploit found in the wild - Mailing list pgsql-general

Previous

Next