Unrated severityNVD Advisory· Published Jun 19, 2007· Updated Jun 16, 2026
CVE-2007-3278
CVE-2007-3278
Description
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*range: >=7.3,<7.3.21
- (no CPE)range: >=8.1
Patches
Vulnerability mechanics
References
29- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200801-15.xmlnvdThird Party Advisory
- www.debian.org/security/2008/dsa-1460nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1463nvdThird Party Advisory
- www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txtnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdfnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0038.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0039.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0040.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/471541/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/471644/100/0/threadednvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/35142nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10334nvdThird Party Advisory
- usn.ubuntu.com/568-1/nvdThird Party Advisory
- osvdb.org/40899nvdBroken Link
- secunia.com/advisories/28376nvdBroken Link
- secunia.com/advisories/28437nvdBroken Link
- secunia.com/advisories/28438nvdBroken Link
- secunia.com/advisories/28445nvdBroken Link
- secunia.com/advisories/28454nvdBroken Link
- secunia.com/advisories/28477nvdBroken Link
- secunia.com/advisories/28479nvdBroken Link
- secunia.com/advisories/28679nvdBroken Link
- secunia.com/advisories/29638nvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- www.vupen.com/english/advisories/2008/0109nvdPermissions Required
- www.vupen.com/english/advisories/2008/1071/referencesnvdPermissions Required
News mentions
0No linked articles in our index yet.