Page 3 of 47 results (0.009 seconds)

CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 1

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root. Una condición de carrera en el script init de postgresql podría ser aprovechada por atacantes para acceder a la cuenta postgresql y escalar sus privilegios a root. PostgreSQL version 9.4-0.5.3 suffers from a privilege escalation vulnerability. • https://www.exploit-db.com/exploits/45184 http://lists.suse.com/pipermail/sle-security-updates/2017-November/003420.html https://bugzilla.suse.com/show_bug.cgi?id=1062722 https://www.suse.com/de-de/security/cve/CVE-2017-14798 • CWE-61: UNIX Symbolic Link (Symlink) Following CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0

It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access. Se ha descubierto que algunas funciones de estimación de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer información de pg_statistic, lo que probablemente implique un filtrado de información. Un atacante sin privilegios podría utilizar este fallo para robar información de tablas a las que, de otra forma, no tendría acceso. It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. • http://www.debian.org/security/2017/dsa-3851 http://www.securityfocus.com/bid/98459 http://www.securitytracker.com/id/1038476 https://access.redhat.com/errata/RHSA-2017:1677 https://access.redhat.com/errata/RHSA-2017:1678 https://access.redhat.com/errata/RHSA-2017:1838 https://access.redhat.com/errata/RHSA-2017:1983 https://access.redhat.com/errata/RHSA-2017:2425 https://security.gentoo.org/glsa/201710-06 https://www.postgresql.org/about/news/1746 https://access&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: 134EXPL: 0

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. Las versiones 8.4 a 9.6 de PostgreSQL son vulnerables a un filtrado de información en la vista pg_user_mappings que revela contraseñas de servidores extranjeros a cualquier usuario que tenga privilegio USAGE en el servidor extranjero asociado. It was found that the pg_user_mappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password used to connect to the foreign database. • http://www.debian.org/security/2017/dsa-3851 http://www.securityfocus.com/bid/98460 http://www.securitytracker.com/id/1038476 https://access.redhat.com/errata/RHSA-2017:1677 https://access.redhat.com/errata/RHSA-2017:1678 https://access.redhat.com/errata/RHSA-2017:1838 https://access.redhat.com/errata/RHSA-2017:1983 https://access.redhat.com/errata/RHSA-2017:2425 https://security.gentoo.org/glsa/201710-06 https://www.postgresql.org/about/news/1746 https://access&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization CWE-522: Insufficiently Protected Credentials •

CVSS: 7.6EPSS: 0%CPEs: 47EXPL: 0

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation. PostgreSQL en versiones anteriores a 9.1.23, 9.2.x en versiones anteriores a 9.2.18, 9.3.x en versiones anteriores a 9.3.14, 9.4.x en versiones anteriores a 9.4.9 y 9.5.x en versiones anteriores a 9.5.4 podrían permitir a usuarios remotos autenticados con el rol CREATEDB o CREATEROLE obtener privilegios de superusuario a través de un carácter (1) " (comillas dobles), (2) \ (barra invertida), (3) retorno de carro o (4) nueva linea en (a) una base de datos o (b) el nombre del rol que se maneja incorrectamente durante una operación administrativa. A flaw was found in the way PostgreSQL client programs handled database and role names containing newlines, carriage returns, double quotes, or backslashes. By crafting such an object name, roles with the CREATEDB or CREATEROLE option could escalate their privileges to superuser when a superuser next executes maintenance with a vulnerable client program. • http://rhn.redhat.com/errata/RHSA-2016-1781.html http://rhn.redhat.com/errata/RHSA-2016-1820.html http://rhn.redhat.com/errata/RHSA-2016-1821.html http://rhn.redhat.com/errata/RHSA-2016-2606.html http://www.debian.org/security/2016/dsa-3646 http://www.securityfocus.com/bid/92435 http://www.securitytracker.com/id/1036617 https://access.redhat.com/errata/RHSA-2017:2425 https://security.gentoo.org/glsa/201701-33 https://www.postgresql.org/about/news/1688 https: • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.5EPSS: 1%CPEs: 47EXPL: 0

PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types. PostgreSQL en versiones anteriores a 9.1.23, 9.2.x en versiones anteriores a 9.2.18, 9.3.x en versiones anteriores a 9.3.14, 9.4.x en versiones anteriores a 9.4.9 y 9.5.x en versiones anteriores a 9.5.4 permiten a usuarios remotos autenticados provocar una denegación de servicio (referencia a puntero NULL y caída del servidor), obtener información de memoria sensible, o posiblemente ejecutar código arbitrario a través de (1) una expresión CASE dentro de la subexpresión de valor de prueba de otro CASE o (2) el inicio de una función SQL que implementa el operador de igualdad utilizado para una expresión CASE que implica valores de diferentes tipos. A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-1781.html http://rhn.redhat.com/errata/RHSA-2016-1820.html http://rhn.redhat.com/errata/RHSA-2016-1821.html http://rhn.redhat.com/errata/RHSA-2016-2606.html http://www.debian.org/security/2016/dsa-3646 http://www.securityfocus.com/bid/92433 http://www.securitytracker.com/id/1036617 https://access.redhat.com/errata/RHSA-2017:2425 https://bugzilla.redhat.com/show_bug.cgi?id=1364001 https://security.gentoo.org/glsa/201701-33 • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •