Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.808665
Categoría:Databases
Título:PostgreSQL Code Injection and Denial of Service Vulnerabilities (Linux)
Resumen:This host is running PostgreSQL and is; prone to code injection and denial of service vulnerabilities.
Descripción:Summary:
This host is running PostgreSQL and is
prone to code injection and denial of service vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to

- An error in certain nested CASE expressions.

- Improper sanitization of input passed to database and role names.

Vulnerability Impact:
Successful exploitation will allow a
remote attacker to inject code and cause the server to crash.

Affected Software/OS:
PostgreSQL version before 9.1.23, 9.2.x
before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before
9.5.4.

Solution:
Upgrade to version 9.1.23 or 9.2.18 or
9.3.14 or 9.4.9 or 9.5.4 or higher.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 92433
BugTraq ID: 92435
Common Vulnerability Exposure (CVE) ID: CVE-2016-5423
http://www.securityfocus.com/bid/92433
Debian Security Information: DSA-3646 (Google Search)
http://www.debian.org/security/2016/dsa-3646
https://security.gentoo.org/glsa/201701-33
RedHat Security Advisories: RHSA-2016:1781
http://rhn.redhat.com/errata/RHSA-2016-1781.html
RedHat Security Advisories: RHSA-2016:1820
http://rhn.redhat.com/errata/RHSA-2016-1820.html
RedHat Security Advisories: RHSA-2016:1821
http://rhn.redhat.com/errata/RHSA-2016-1821.html
RedHat Security Advisories: RHSA-2016:2606
http://rhn.redhat.com/errata/RHSA-2016-2606.html
RedHat Security Advisories: RHSA-2017:2425
https://access.redhat.com/errata/RHSA-2017:2425
http://www.securitytracker.com/id/1036617
Common Vulnerability Exposure (CVE) ID: CVE-2016-5424
http://www.securityfocus.com/bid/92435
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.