Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.811580
Categoría:Databases
Título:PostgreSQL Multiple Vulnerabilities - August17 (Linux)
Resumen:PostgreSQL is prone to multiple vulnerabilities.
Descripción:Summary:
PostgreSQL is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- libpq, and by extension any connection driver that utilizes libpq, ignores
empty passwords and does not transmit them to the server.

- User had access to see the options in pg_user_mappings even if the user did not
have the USAGE permission on the associated foreign server.

Vulnerability Impact:
Successful exploitation will allow a
remote attacker to bypass security and obtain sensitive information.

Affected Software/OS:
PostgreSQL version 9.2.x before 9.2.22,
9.3.x before 9.3.18, 9.4.x before 9.4.13, and 9.5.x before 9.5.8 and 9.6.x
before 9.6.4.

Solution:
Upgrade to version 9.2.22 or 9.3.18 or
9.4.13 or 9.5.8 or 9.6.4 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 100275
BugTraq ID: 100278
Common Vulnerability Exposure (CVE) ID: CVE-2017-7546
http://www.securityfocus.com/bid/100278
Debian Security Information: DSA-3935 (Google Search)
http://www.debian.org/security/2017/dsa-3935
Debian Security Information: DSA-3936 (Google Search)
http://www.debian.org/security/2017/dsa-3936
https://security.gentoo.org/glsa/201710-06
RedHat Security Advisories: RHSA-2017:2677
https://access.redhat.com/errata/RHSA-2017:2677
RedHat Security Advisories: RHSA-2017:2678
https://access.redhat.com/errata/RHSA-2017:2678
RedHat Security Advisories: RHSA-2017:2728
https://access.redhat.com/errata/RHSA-2017:2728
RedHat Security Advisories: RHSA-2017:2860
https://access.redhat.com/errata/RHSA-2017:2860
http://www.securitytracker.com/id/1039142
Common Vulnerability Exposure (CVE) ID: CVE-2017-7547
http://www.securityfocus.com/bid/100275
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.