CVE-2004-0977

Publication date 9 February 2005

Last updated 17 July 2025

Ubuntu priority

Why this priority?

Description

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
postgresql	7.04 feisty	Not in release
	6.10 edgy	Fixed 7.5.16.1
	6.06 LTS dapper	Fixed 7.5.16.1
postgresql-7.4	7.04 feisty	Not in release
	6.10 edgy	Fixed 7.4.12-3
	6.06 LTS dapper	Fixed 7.4.12-3
postgresql-8.0	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Fixed 8.0.7-2build1
postgresql-8.1	7.04 feisty	Fixed 8.1.8-1ubuntu3
	6.10 edgy	Fixed 8.1.9-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 8.1.9-0ubuntu0.6.06
postgresql-8.2	7.04 feisty	Fixed 8.2.4-0ubuntu0.7.04
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

References

Related Ubuntu Security Notices (USN)

USN-6-1
postgresql contributed script vulnerability
27 October 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0977