English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.10.2014.0205
Categoría:Mageia Linux Local Security Checks
Título:Mageia: Security Advisory (MGASA-2014-0205)
Resumen:The remote host is missing an update for the 'postgresql9.0, postgresql9.1, postgresql9.2, postgresql9.3' package(s) announced via the MGASA-2014-0205 advisory.
Descripción:Summary:
The remote host is missing an update for the 'postgresql9.0, postgresql9.1, postgresql9.2, postgresql9.3' package(s) announced via the MGASA-2014-0205 advisory.

Vulnerability Insight:
Updated postgresql packages fix security vulnerabilities:

Granting a role without ADMIN OPTION is supposed to prevent the
grantee from adding or removing members from the granted role, but
this restriction was easily bypassed by doing SET ROLE first. The
security impact is mostly that a role member can revoke the access
of others, contrary to the wishes of his grantor. Unapproved role
member additions are a lesser concern, since an uncooperative role
member could provide most of his rights to others anyway by creating
views or SECURITY DEFINER functions (CVE-2014-0060).

The primary role of PL validator functions is to be called implicitly
during CREATE FUNCTION, but they are also normal SQL functions
that a user can call explicitly. Calling a validator on a function
actually written in some other language was not checked for and could
be exploited for privilege-escalation purposes. The fix involves
adding a call to a privilege-checking function in each validator
function. Non-core procedural languages will also need to make this
change to their own validator functions, if any (CVE-2014-0061).

If the name lookups come to different conclusions due to concurrent
activity, we might perform some parts of the DDL on a different
table than other parts. At least in the case of CREATE INDEX, this
can be used to cause the permissions checks to be performed against
a different table than the index creation, allowing for a privilege
escalation attack (CVE-2014-0062).

The MAXDATELEN constant was too small for the longest possible value of
type interval, allowing a buffer overrun in interval_out(). Although
the datetime input functions were more careful about avoiding buffer
overrun, the limit was short enough to cause them to reject some valid
inputs, such as input containing a very long timezone name. The ecpg
library contained these vulnerabilities along with some of its own
(CVE-2014-0063).

Several functions, mostly type input functions, calculated an
allocation size without checking for overflow. If overflow did
occur, a too-small buffer would be allocated and then written past
(CVE-2014-0064).

Use strlcpy() and related functions to provide a clear guarantee
that fixed-size buffers are not overrun. Unlike the preceding items,
it is unclear whether these cases really represent live issues,
since in most cases there appear to be previous constraints on the
size of the input string. Nonetheless it seems prudent to silence
all Coverity warnings of this type (CVE-2014-0065).

There are relatively few scenarios in which crypt() could return NULL,
but contrib/chkpass would crash if it did. One practical case in which
this could be an issue is if libc is configured to refuse to execute
unapproved hashing algorithms (e.g., FIPS mode) (CVE-2014-0066).

Since the temporary server started by make check uses trust
authentication, another user on the same machine could connect to it
as ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'postgresql9.0, postgresql9.1, postgresql9.2, postgresql9.3' package(s) on Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-0060
61307
http://secunia.com/advisories/61307
APPLE-SA-2014-10-16-3
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
DSA-2864
http://www.debian.org/security/2014/dsa-2864
DSA-2865
http://www.debian.org/security/2014/dsa-2865
RHSA-2014:0211
http://rhn.redhat.com/errata/RHSA-2014-0211.html
RHSA-2014:0221
http://rhn.redhat.com/errata/RHSA-2014-0221.html
RHSA-2014:0249
http://rhn.redhat.com/errata/RHSA-2014-0249.html
RHSA-2014:0469
http://rhn.redhat.com/errata/RHSA-2014-0469.html
USN-2120-1
http://www.ubuntu.com/usn/USN-2120-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://support.apple.com/kb/HT6448
http://wiki.postgresql.org/wiki/20140220securityrelease
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.postgresql.org/about/news/1506/
https://puppet.com/security/cve/cve-2014-0060
https://support.apple.com/kb/HT6536
openSUSE-SU-2014:0345
http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html
openSUSE-SU-2014:0368
http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0061
Common Vulnerability Exposure (CVE) ID: CVE-2014-0062
65727
http://www.securityfocus.com/bid/65727
Common Vulnerability Exposure (CVE) ID: CVE-2014-0063
65719
http://www.securityfocus.com/bid/65719
http://www.postgresql.org/support/security/
https://bugzilla.redhat.com/show_bug.cgi?id=1065226
https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b
Common Vulnerability Exposure (CVE) ID: CVE-2014-0064
65725
http://www.securityfocus.com/bid/65725
https://bugzilla.redhat.com/show_bug.cgi?id=1065230
https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a
Common Vulnerability Exposure (CVE) ID: CVE-2014-0065
65731
http://www.securityfocus.com/bid/65731
Common Vulnerability Exposure (CVE) ID: CVE-2014-0066
Common Vulnerability Exposure (CVE) ID: CVE-2014-0067
65721
http://www.securityfocus.com/bid/65721
APPLE-SA-2015-08-13-2
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
APPLE-SA-2015-09-16-4
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
https://support.apple.com/HT205219
https://support.apple.com/kb/HT205031
CopyrightCopyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.