Page 3 of 45 results (0.012 seconds)

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 1

CVE-2017-14798 – local privilege escalation in SUSE postgresql init script

https://notcve.org/view.php?id=CVE-2017-14798

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. Una condición de carrera en el script init de postgresql podría ser aprovechada por atacantes para acceder a la cuenta postgresql y escalar sus privilegios a root. PostgreSQL version 9.4-0.5.3 suffers from a privilege escalation vulnerability. • https://www.exploit-db.com/exploits/45184 http://lists.suse.com/pipermail/sle-security-updates/2017-November/003420.html https://bugzilla.suse.com/show_bug.cgi?id=1062722 https://www.suse.com/de-de/security/cve/CVE-2017-14798 • CWE-61: UNIX Symbolic Link (Symlink) Following CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.2EPSS: 0%CPEs: 76EXPL: 0

CVE-2017-12172 – postgresql: Start scripts permit database administrator to modify root-owned files

https://notcve.org/view.php?id=CVE-2017-12172

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. • http://www.securityfocus.com/bid/101949 http://www.securitytracker.com/id/1039752 https://access.redhat.com/errata/RHSA-2017:3402 https://access.redhat.com/errata/RHSA-2017:3403 https://access.redhat.com/errata/RHSA-2017:3404 https://access.redhat.com/errata/RHSA-2017:3405 https://www.postgresql.org/about/news/1801 https://www.postgresql.org/support/security https://access.redhat.com/security/cve/CVE-2017-12172 https://bugzilla.redhat.com/show_bug.cgi?id=1498394 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 9.8EPSS: 28%CPEs: 66EXPL: 0

CVE-2017-7546 – postgresql: Empty password accepted in some authentication methods

https://notcve.org/view.php?id=CVE-2017-7546

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. PostgreSQL en sus versiones anteriores a 9.2.22, 9.3.18, 9.4.13, 9.5.8 y 9.6.4 es vulnerable a un fallo de autenticación incorrecta que permite que atacantes remotos obtengan acceso a cuentas de la base de datos con una contraseña vacía. It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A remote attacker could potentially use this flaw to gain access to database accounts with empty passwords. • http://www.debian.org/security/2017/dsa-3935 http://www.debian.org/security/2017/dsa-3936 http://www.securityfocus.com/bid/100278 http://www.securitytracker.com/id/1039142 https://access.redhat.com/errata/RHSA-2017:2677 https://access.redhat.com/errata/RHSA-2017:2678 https://access.redhat.com/errata/RHSA-2017:2728 https://access.redhat.com/errata/RHSA-2017:2860 https://security.gentoo.org/glsa/201710-06 https://www.postgresql.org/about/news/1772 https://access • CWE-287: Improper Authentication •

CVSS: 8.8EPSS: 0%CPEs: 65EXPL: 0

CVE-2017-7547 – postgresql: pg_user_mappings view discloses passwords to users lacking server privileges

https://notcve.org/view.php?id=CVE-2017-7547

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. PostgreSQL en sus versiones anteriores a 9.2.22, 9.3.18, 9.4.13, 9.5.8 y 9.6.4 es vulnerable a un fallo de autorización que permite que los atacantes remotos autenticados recuperen contraseñas de los mapeos de usuarios definidos por los propietarios del servidor extranjero sin tener privilegios para ello. An authorization flaw was found in the way PostgreSQL handled access to the pg_user_mappings view on foreign servers. A remote, authenticated attacker could potentially use this flaw to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. • http://www.debian.org/security/2017/dsa-3935 http://www.debian.org/security/2017/dsa-3936 http://www.securityfocus.com/bid/100275 http://www.securitytracker.com/id/1039142 https://access.redhat.com/errata/RHSA-2017:2677 https://access.redhat.com/errata/RHSA-2017:2678 https://access.redhat.com/errata/RHSA-2017:2728 https://security.gentoo.org/glsa/201710-06 https://www.postgresql.org/about/news/1772 https://access.redhat.com/security/cve/CVE-2017-7547 https:// • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0

CVE-2017-7484 – postgresql: Selectivity estimators bypass SELECT privilege checks

https://notcve.org/view.php?id=CVE-2017-7484

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. Se ha descubierto que algunas funciones de estimación de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer información de pg_statistic, lo que probablemente implique un filtrado de información. Un atacante sin privilegios podría utilizar este fallo para robar información de tablas a las que, de otra forma, no tendría acceso. It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. • http://www.debian.org/security/2017/dsa-3851 http://www.securityfocus.com/bid/98459 http://www.securitytracker.com/id/1038476 https://access.redhat.com/errata/RHSA-2017:1677 https://access.redhat.com/errata/RHSA-2017:1678 https://access.redhat.com/errata/RHSA-2017:1838 https://access.redhat.com/errata/RHSA-2017:1983 https://access.redhat.com/errata/RHSA-2017:2425 https://security.gentoo.org/glsa/201710-06 https://www.postgresql.org/about/news/1746 https://access&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization CWE-862: Missing Authorization •