Test Kennung:	1.3.6.1.4.1.25623.1.0.804710
Kategorie:	Databases
Titel:	PostgreSQL Multiple Security Bypass Vulnerability (Jul 2014) - Windows
Zusammenfassung:	PostgreSQL is prone to multiple security bypass vulnerabilities.
Beschreibung:	Summary: PostgreSQL is prone to multiple security bypass vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An error when handling roles can be exploited to revoke access from other role members. - Multiple errors when handling calls to PL validator functions. - Some errors when handling name lookups. - Some boundary errors when handling wide datetime input/output. Vulnerability Impact: Successful exploitation may allow an attacker to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. Affected Software/OS: PostgreSQL version before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 Solution: Upgrade to version 9.3.3, 9.2.7, 9.1.12, 9.0.16 or 8.4.20, or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0060 61307 http://secunia.com/advisories/61307 APPLE-SA-2014-10-16-3 http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html DSA-2864 http://www.debian.org/security/2014/dsa-2864 DSA-2865 http://www.debian.org/security/2014/dsa-2865 RHSA-2014:0211 http://rhn.redhat.com/errata/RHSA-2014-0211.html RHSA-2014:0221 http://rhn.redhat.com/errata/RHSA-2014-0221.html RHSA-2014:0249 http://rhn.redhat.com/errata/RHSA-2014-0249.html RHSA-2014:0469 http://rhn.redhat.com/errata/RHSA-2014-0469.html USN-2120-1 http://www.ubuntu.com/usn/USN-2120-1 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://support.apple.com/kb/HT6448 http://wiki.postgresql.org/wiki/20140220securityrelease http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.postgresql.org/about/news/1506/ https://puppet.com/security/cve/cve-2014-0060 https://support.apple.com/kb/HT6536 openSUSE-SU-2014:0345 http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html openSUSE-SU-2014:0368 http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html Common Vulnerability Exposure (CVE) ID: CVE-2014-0061 Common Vulnerability Exposure (CVE) ID: CVE-2014-0062 65727 http://www.securityfocus.com/bid/65727 Common Vulnerability Exposure (CVE) ID: CVE-2014-0063 65719 http://www.securityfocus.com/bid/65719 http://www.postgresql.org/support/security/ https://bugzilla.redhat.com/show_bug.cgi?id=1065226 https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b Common Vulnerability Exposure (CVE) ID: CVE-2014-0064 65725 http://www.securityfocus.com/bid/65725 https://bugzilla.redhat.com/show_bug.cgi?id=1065230 https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a Common Vulnerability Exposure (CVE) ID: CVE-2014-0065 65731 http://www.securityfocus.com/bid/65731 Common Vulnerability Exposure (CVE) ID: CVE-2014-0066
Copyright	Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.