ID de Prueba:	1.3.6.1.4.1.25623.1.0.903102
Categoría:	Denial of Service
Título:	PostgreSQL PgBouncer Denial of Service Vulnerability - Windows
Resumen:	PostgreSQL PgBouncer pooler is prone to a denial of service vulnerability.
Descripción:	Summary: PostgreSQL PgBouncer pooler is prone to a denial of service vulnerability. Vulnerability Insight: An error exists within the 'add_database' function in objects.c in the pgbouncer pooler when adding new databases with an overly large name. Vulnerability Impact: Successful exploitation will allow remote attackers to cause the application to crash by creating a denial of service condition. Affected Software/OS: PostgreSQL PgBouncer Pooler version 1.5.2 and prior on Windows. Solution: Upgrade to PostgreSQL PgBouncer Pooler version 1.5.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4575 56371 http://www.securityfocus.com/bid/56371 [oss-security] 20121102 Re: CVE Request -- pgbouncer: DoS (pooler server shutdown) by adding database with large name http://openwall.com/lists/oss-security/2012/11/02/8 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692103 http://git.postgresql.org/gitweb/?p=pgbouncer.git%3Ba=commit%3Bh=4b92112b820830b30cd7bc91bef3dd8f35305525 https://bugzilla.redhat.com/show_bug.cgi?id=872527
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.