Synopsis> ========
> =================
The PostgreSQL server can be tricked by a local attacker to execute arbitrary code.
Affected packages
> ===========
------------------------------------------------------------------- Package / Vulnerable / Unaffected -------------------------------------------------------------------
1 dev-db/postgresql < 7.4.7 >= 7.4.7
Description
> executed with the permissions of the PostgreSQL server.
PostgreSQL's LOAD extension is vulnerable to a local privilege escalation discovered by John Heasman. A local user can load any shared library, but the initialization function will then be