Test Kennung:	1.3.6.1.4.1.25623.1.0.812309
Kategorie:	Databases
Titel:	PostgreSQL Information Disclosure Vulnerability (Dec 2017) - Windows
Zusammenfassung:	PostgreSQL is prone to an information disclosure vulnerability.
Beschreibung:	Summary: PostgreSQL is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw exists as the functions json_populate_recordset and jsonb_populate_recordset are unable to handle malformed invalid input. Vulnerability Impact: Successful exploitation will allow remote authenticated users to send specially crafted data to trigger a rowtype mismatch in 'json{b}_populate_recordset' function to crash the target service or disclose potentially sensitive information. Affected Software/OS: PostgreSQL version 9.3.x before 9.3.20, 9.4.x before 9.4.15, 9.5.x before 9.5.10, 9.6.x before 9.6.6 and 10.x before 10.1. Solution: Upgrade to PostgreSQL version 10.1 or 9.6.6 or 9.5.10 or 9.4.15 or 9.3.20 or later. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15098 BugTraq ID: 101781 http://www.securityfocus.com/bid/101781 Debian Security Information: DSA-4027 (Google Search) https://www.debian.org/security/2017/dsa-4027 Debian Security Information: DSA-4028 (Google Search) https://www.debian.org/security/2017/dsa-4028 https://www.postgresql.org/support/security/ RedHat Security Advisories: RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2511 RedHat Security Advisories: RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2566 http://www.securitytracker.com/id/1039752
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.