Databases : PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100843

Categoría: Databases

Título: PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability

Resumen: PostgreSQL is prone to a local privilege escalation vulnerability.

Descripción: Summary:
PostgreSQL is prone to a local privilege escalation vulnerability.

Vulnerability Impact:
Exploiting this issue allows local attackers to gain elevated
privileges and execute arbitrary commands with the privileges of the victim.

Affected Software/OS:
Versions prior to PostgreSQL 9.0.1 are vulnerable.

Solution:
Updates are available. Please see the references for more information.

CVSS Score:
6.0

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3433
42325
http://secunia.com/advisories/42325
43747
http://www.securityfocus.com/bid/43747
ADV-2010-3051
http://www.vupen.com/english/advisories/2010/3051
DSA-2120
http://www.debian.org/security/2010/dsa-2120
FEDORA-2010-15954
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049591.html
FEDORA-2010-15960
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049592.html
HPSBMU02781
http://marc.info/?l=bugtraq&m=134124585221119&w=2
MDVSA-2010:197
http://www.mandriva.com/security/advisories?name=MDVSA-2010:197
RHSA-2010:0742
http://www.redhat.com/support/errata/RHSA-2010-0742.html
RHSA-2010:0908
http://www.redhat.com/support/errata/RHSA-2010-0908.html
SSRT100617
SUSE-SR:2010:019
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
SUSE-SR:2010:020
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
USN-1002-1
http://www.ubuntu.com/usn/USN-1002-1
USN-1002-2
http://www.ubuntu.com/usn/USN-1002-2
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://www.postgresql.org/about/news.1244
http://www.postgresql.org/docs/9.0/static/release-9-0-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=639371
oval:org.mitre.oval:def:7291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7291

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100843
Categoría:	Databases
Título:	PostgreSQL PL/Perl and PL/Tcl Local Privilege Escalation Vulnerability
Resumen:	PostgreSQL is prone to a local privilege escalation vulnerability.
Descripción:	Summary: PostgreSQL is prone to a local privilege escalation vulnerability. Vulnerability Impact: Exploiting this issue allows local attackers to gain elevated privileges and execute arbitrary commands with the privileges of the victim. Affected Software/OS: Versions prior to PostgreSQL 9.0.1 are vulnerable. Solution: Updates are available. Please see the references for more information. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3433 42325 http://secunia.com/advisories/42325 43747 http://www.securityfocus.com/bid/43747 ADV-2010-3051 http://www.vupen.com/english/advisories/2010/3051 DSA-2120 http://www.debian.org/security/2010/dsa-2120 FEDORA-2010-15954 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049591.html FEDORA-2010-15960 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049592.html HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 MDVSA-2010:197 http://www.mandriva.com/security/advisories?name=MDVSA-2010:197 RHSA-2010:0742 http://www.redhat.com/support/errata/RHSA-2010-0742.html RHSA-2010:0908 http://www.redhat.com/support/errata/RHSA-2010-0908.html SSRT100617 SUSE-SR:2010:019 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SUSE-SR:2010:020 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html USN-1002-1 http://www.ubuntu.com/usn/USN-1002-1 USN-1002-2 http://www.ubuntu.com/usn/USN-1002-2 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://www.postgresql.org/about/news.1244 http://www.postgresql.org/docs/9.0/static/release-9-0-1.html https://bugzilla.redhat.com/show_bug.cgi?id=639371 oval:org.mitre.oval:def:7291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7291
Copyright	Copyright (C) 2010 Greenbone AG