Test Kennung:	1.3.6.1.4.1.25623.1.0.811580
Kategorie:	Databases
Titel:	PostgreSQL Multiple Vulnerabilities (Aug 2017) - Linux
Zusammenfassung:	PostgreSQL is prone to multiple vulnerabilities.
Beschreibung:	Summary: PostgreSQL is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. - User had access to see the options in pg_user_mappings even if the user did not have the USAGE permission on the associated foreign server. Vulnerability Impact: Successful exploitation will allow a remote attacker to bypass security and obtain sensitive information. Affected Software/OS: PostgreSQL version 9.2.x before 9.2.22, 9.3.x before 9.3.18, 9.4.x before 9.4.13, and 9.5.x before 9.5.8 and 9.6.x before 9.6.4. Solution: Upgrade to version 9.2.22 or 9.3.18 or 9.4.13 or 9.5.8 or 9.6.4 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7546 BugTraq ID: 100278 http://www.securityfocus.com/bid/100278 Debian Security Information: DSA-3935 (Google Search) http://www.debian.org/security/2017/dsa-3935 Debian Security Information: DSA-3936 (Google Search) http://www.debian.org/security/2017/dsa-3936 https://security.gentoo.org/glsa/201710-06 RedHat Security Advisories: RHSA-2017:2677 https://access.redhat.com/errata/RHSA-2017:2677 RedHat Security Advisories: RHSA-2017:2678 https://access.redhat.com/errata/RHSA-2017:2678 RedHat Security Advisories: RHSA-2017:2728 https://access.redhat.com/errata/RHSA-2017:2728 RedHat Security Advisories: RHSA-2017:2860 https://access.redhat.com/errata/RHSA-2017:2860 http://www.securitytracker.com/id/1039142 Common Vulnerability Exposure (CVE) ID: CVE-2017-7547 BugTraq ID: 100275 http://www.securityfocus.com/bid/100275
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.