ID de Prueba:	1.3.6.1.4.1.25623.1.0.67511
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2010:0428 (postgresql)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to postgresql announced in advisory CESA-2010:0428. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2010:0428 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2010:0428 https://rhn.redhat.com/errata/RHSA-2010-0428.html Risk factor : Critical CVSS Score: 8.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4136 1023326 http://www.securitytracker.com/id?1023326 20100307 rPSA-2010-0012-1 postgresql postgresql-contrib postgresql-server http://www.securityfocus.com/archive/1/509917/100/0/threaded 37333 http://www.securityfocus.com/bid/37333 37663 http://secunia.com/advisories/37663 39820 http://secunia.com/advisories/39820 61039 http://osvdb.org/61039 ADV-2009-3519 http://www.vupen.com/english/advisories/2009/3519 ADV-2010-1197 http://www.vupen.com/english/advisories/2010/1197 FEDORA-2009-13363 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01035.html FEDORA-2009-13381 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01056.html HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 MDVSA-2009:333 http://www.mandriva.com/security/advisories?name=MDVSA-2009:333 RHSA-2010:0427 http://www.redhat.com/support/errata/RHSA-2010-0427.html RHSA-2010:0428 http://www.redhat.com/support/errata/RHSA-2010-0428.html RHSA-2010:0429 http://www.redhat.com/support/errata/RHSA-2010-0429.html SSRT100617 SUSE-SR:2010:001 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0012 http://www.postgresql.org/docs/current/static/release-7-4-27.html http://www.postgresql.org/docs/current/static/release-8-0-23.html http://www.postgresql.org/docs/current/static/release-8-1-19.html http://www.postgresql.org/docs/current/static/release-8-2-15.html http://www.postgresql.org/docs/current/static/release-8-3-9.html http://www.postgresql.org/docs/current/static/release-8-4-2.html http://www.postgresql.org/support/security.html https://bugzilla.redhat.com/show_bug.cgi?id=546321 oval:org.mitre.oval:def:9358 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9358 Common Vulnerability Exposure (CVE) ID: CVE-2010-0442 1023510 http://securitytracker.com/id?1023510 37973 http://www.securityfocus.com/bid/37973 39566 http://secunia.com/advisories/39566 39939 http://secunia.com/advisories/39939 ADV-2010-1022 http://www.vupen.com/english/advisories/2010/1022 ADV-2010-1207 http://www.vupen.com/english/advisories/2010/1207 ADV-2010-1221 http://www.vupen.com/english/advisories/2010/1221 DSA-2051 http://www.debian.org/security/2010/dsa-2051 MDVSA-2010:103 http://www.mandriva.com/security/advisories?name=MDVSA-2010:103 USN-933-1 http://ubuntu.com/usn/usn-933-1 [oss-security] 20100127 Re: CVE id request: postgresql bitsubstr overflow http://www.openwall.com/lists/oss-security/2010/01/27/5 [pgsql-committers] 20100107 pgsql: Make bit/varbit substring() treat any negative length as meaning http://archives.postgresql.org/pgsql-committers/2010-01/msg00125.php [pgsql-hackers] 20100107 Re: Patch: Allow substring/replace() to get/set bit values http://archives.postgresql.org/pgsql-hackers/2010-01/msg00634.php http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567058 http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=75dea10196c31d98d98c0bafeeb576ae99c09b12 http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=b15087cb39ca9e4bde3c8920fcee3741045d2b83 http://intevydis.blogspot.com/2010/01/postgresql-8023-bitsubstr-overflow.html https://bugzilla.redhat.com/show_bug.cgi?id=559194 https://bugzilla.redhat.com/show_bug.cgi?id=559259 oval:org.mitre.oval:def:9720 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9720 postgresql-substring-bo(55902) https://exchange.xforce.ibmcloud.com/vulnerabilities/55902 Common Vulnerability Exposure (CVE) ID: CVE-2010-0733 38619 http://www.securityfocus.com/bid/38619 SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html [oss-security] 20100309 CVE Request: postgresql integer overflow in hash table size calculation http://www.openwall.com/lists/oss-security/2010/03/09/2 [oss-security] 20100316 Re: CVE Request: postgresql integer overflow in hash table size calculation http://www.openwall.com/lists/oss-security/2010/03/16/10 [pgsql-bugs] 20091028 BUG #5145: Complex query with lots of LEFT JOIN causes segfault http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php [pgsql-bugs] 20091029 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault http://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php http://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php [pgsql-bugs] 20091030 Re: BUG #5145: Complex query with lots of LEFT JOIN causes segfault http://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=64b057e6823655fb6c5d1f24a28f236b94dd6c54 https://bugzilla.redhat.com/show_bug.cgi?id=546621 oval:org.mitre.oval:def:10691 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10691 Common Vulnerability Exposure (CVE) ID: CVE-2010-1169 1023988 http://www.securitytracker.com/id?1023988 39815 http://secunia.com/advisories/39815 39845 http://secunia.com/advisories/39845 39898 http://secunia.com/advisories/39898 40215 http://www.securityfocus.com/bid/40215 64755 http://osvdb.org/64755 ADV-2010-1167 http://www.vupen.com/english/advisories/2010/1167 ADV-2010-1182 http://www.vupen.com/english/advisories/2010/1182 ADV-2010-1198 http://www.vupen.com/english/advisories/2010/1198 FEDORA-2010-8696 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041559.html FEDORA-2010-8715 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041579.html FEDORA-2010-8723 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041591.html RHSA-2010:0430 http://www.redhat.com/support/errata/RHSA-2010-0430.html [oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request http://www.openwall.com/lists/oss-security/2010/05/20/5 http://www.postgresql.org/about/news.1203 http://www.postgresql.org/docs/current/static/release-7-4-29.html http://www.postgresql.org/docs/current/static/release-8-0-25.html http://www.postgresql.org/docs/current/static/release-8-1-21.html http://www.postgresql.org/docs/current/static/release-8-2-17.html http://www.postgresql.org/docs/current/static/release-8-3-11.html http://www.postgresql.org/docs/current/static/release-8-4-4.html http://www.postgresql.org/support/security https://bugzilla.redhat.com/show_bug.cgi?id=582615 https://bugzilla.redhat.com/show_bug.cgi?id=588269 oval:org.mitre.oval:def:10645 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10645 postgresql-safe-code-execution(58693) https://exchange.xforce.ibmcloud.com/vulnerabilities/58693 Common Vulnerability Exposure (CVE) ID: CVE-2010-1170 1023987 http://www.securitytracker.com/id?1023987 64757 http://osvdb.org/64757 https://bugzilla.redhat.com/show_bug.cgi?id=583072 oval:org.mitre.oval:def:10510 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10510
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.