Test Kennung:	1.3.6.1.4.1.25623.1.0.810993
Kategorie:	Databases
Titel:	PostgreSQL MITM Vulnerability (May 2017) - Windows
Zusammenfassung:	PostgreSQL is prone to a man-in-the-middle (MITM); vulnerability.
Beschreibung:	Summary: PostgreSQL is prone to a man-in-the-middle (MITM) vulnerability. Vulnerability Insight: The flaw exists due to an error in the 'libpq' component of PostgreSQL, where the 'PGREQUIRESSL' environment variable was no longer enforcing a SSL/TLS connection to a PostgreSQL server. Vulnerability Impact: Successful exploitation will allow a man-in-the-middle attacker to strip the SSL/TLS protection from a connection between a client and a server. Affected Software/OS: PostgreSQL version 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3. Solution: Upgrade to PostgreSQL version 9.3.17 or 9.4.12 or 9.5.7 or 9.6.3 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7485 BugTraq ID: 98461 http://www.securityfocus.com/bid/98461 Debian Security Information: DSA-3851 (Google Search) http://www.debian.org/security/2017/dsa-3851 https://security.gentoo.org/glsa/201710-06 RedHat Security Advisories: RHSA-2017:1677 https://access.redhat.com/errata/RHSA-2017:1677 RedHat Security Advisories: RHSA-2017:1678 https://access.redhat.com/errata/RHSA-2017:1678 RedHat Security Advisories: RHSA-2017:1838 https://access.redhat.com/errata/RHSA-2017:1838 RedHat Security Advisories: RHSA-2017:2425 https://access.redhat.com/errata/RHSA-2017:2425 http://www.securitytracker.com/id/1038476
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.