ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0446
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0446)
Resumen:	The remote host is missing an update for the 'postgresql9.4, postgresql9.6' package(s) announced via the MGASA-2018-0446 advisory.
Descripción:	Summary: The remote host is missing an update for the 'postgresql9.4, postgresql9.6' package(s) announced via the MGASA-2018-0446 advisory. Vulnerability Insight: A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database (CVE-2018-1058). Postgresql 9.6.x before 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation (CVE-2018-1115). Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects (CVE-2018-10915). It was discovered that some 'CREATE TABLE' statements could disclose server memory (CVE-2018-10925). Fully fixing these security issues requires manual intervention. See the upstream advisories for details. Affected Software/OS: 'postgresql9.4, postgresql9.6' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1058 BugTraq ID: 103221 http://www.securityfocus.com/bid/103221 RedHat Security Advisories: RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2511 RedHat Security Advisories: RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2566 RedHat Security Advisories: RHSA-2018:3816 https://access.redhat.com/errata/RHSA-2018:3816 https://usn.ubuntu.com/3589-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-10915 BugTraq ID: 105054 http://www.securityfocus.com/bid/105054 Debian Security Information: DSA-4269 (Google Search) https://www.debian.org/security/2018/dsa-4269 https://security.gentoo.org/glsa/201810-08 https://lists.debian.org/debian-lts-announce/2018/08/msg00012.html RedHat Security Advisories: RHSA-2018:2557 https://access.redhat.com/errata/RHSA-2018:2557 RedHat Security Advisories: RHSA-2018:2565 https://access.redhat.com/errata/RHSA-2018:2565 RedHat Security Advisories: RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2018:2643 RedHat Security Advisories: RHSA-2018:2721 https://access.redhat.com/errata/RHSA-2018:2721 RedHat Security Advisories: RHSA-2018:2729 https://access.redhat.com/errata/RHSA-2018:2729 http://www.securitytracker.com/id/1041446 SuSE Security Announcement: openSUSE-SU-2020:1227 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html https://usn.ubuntu.com/3744-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-10925 BugTraq ID: 105052 http://www.securityfocus.com/bid/105052 Common Vulnerability Exposure (CVE) ID: CVE-2018-1115 BugTraq ID: 104285 http://www.securityfocus.com/bid/104285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1115 https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=7b34740
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.