CVE-2016-0766

Gentoo Linux Security Advisory 201701-33

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

PostgreSQL en versiones anteriores a 9.1.20, 9.2.x en versiones anteriores a 9.2.15, 9.3.x en versiones anteriores a 9.3.11, 9.4.x en versiones anteriores a 9.4.6 y 9.5.x en versiones anteriores a 9.5.1 no restringe adecuadamente el acceso a ajustes de configuración personalizada no especificados (GUCS) para PL/Java, lo que permite a atacantes obtener privilegios a través de vectores no especificados.

It was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. It was discovered that PostgreSQL incorrectly handled certain configuration settings (GUCS) for users of PL/Java. A remote attacker could possibly use this issue to escalate privileges.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-12-16 CVE Reserved
2016-02-12 CVE Published
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (17)

URL	Tag	Source
http://www.securityfocus.com/bid/83184	Third Party Advisory
http://www.securitytracker.com/id/1035005	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html	2023-01-19
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html	2023-01-19
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html	2023-01-19
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html	2023-01-19
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html	2023-01-19
http://www.debian.org/security/2016/dsa-3475	2023-01-19
http://www.debian.org/security/2016/dsa-3476	2023-01-19
http://www.postgresql.org/about/news/1644	2023-01-19
http://www.postgresql.org/docs/current/static/release-9-1-20.html	2023-01-19
http://www.postgresql.org/docs/current/static/release-9-2-15.html	2023-01-19
http://www.postgresql.org/docs/current/static/release-9-3-11.html	2023-01-19
http://www.postgresql.org/docs/current/static/release-9-4-6.html	2023-01-19
http://www.postgresql.org/docs/current/static/release-9-5-1.html	2023-01-19
http://www.ubuntu.com/usn/USN-2894-1	2023-01-19
https://security.gentoo.org/glsa/201701-33	2023-01-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Postgresql Search vendor "Postgresql"		Postgresql Search vendor "Postgresql" for product "Postgresql"				>= 9.1.0 < 9.1.20 Search vendor "Postgresql" for product "Postgresql" and version " >= 9.1.0 < 9.1.20"		-		Affected
Postgresql Search vendor "Postgresql"		Postgresql Search vendor "Postgresql" for product "Postgresql"				>= 9.2 < 9.2.15 Search vendor "Postgresql" for product "Postgresql" and version " >= 9.2 < 9.2.15"		-		Affected
Postgresql Search vendor "Postgresql"		Postgresql Search vendor "Postgresql" for product "Postgresql"				>= 9.3 < 9.3.11 Search vendor "Postgresql" for product "Postgresql" and version " >= 9.3 < 9.3.11"		-		Affected
Postgresql Search vendor "Postgresql"		Postgresql Search vendor "Postgresql" for product "Postgresql"				>= 9.4 < 9.4.6 Search vendor "Postgresql" for product "Postgresql" and version " >= 9.4 < 9.4.6"		-		Affected
Postgresql Search vendor "Postgresql"		Postgresql Search vendor "Postgresql" for product "Postgresql"				9.5 Search vendor "Postgresql" for product "Postgresql" and version "9.5"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				15.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected