SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  pgAdmin External Utilities Validation RCE

Category: WEB-ATTACKS      

This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0247


Relevant Information