Test ID:	1.3.6.1.4.1.25623.1.0.68348
Category:	Fedora Local Security Checks
Title:	Fedora Core 13 FEDORA-2010-16004 (sepostgresql)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to sepostgresql announced via advisory FEDORA-2010-16004. Update Information: Upgrade base version to v9.0.1 which contains various bug and security fixes. * http://www.postgresql.org/docs/9.0/static/release-9-0.html * http://www.postgresql.org/docs/9.0/static/release-9-0-1.html References: [ 1 ] Bug #583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass https://bugzilla.redhat.com/show_bug.cgi?id=583072 [ 2 ] Bug #582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass https://bugzilla.redhat.com/show_bug.cgi?id=582615 [ 3 ] Bug #639371 - CVE-2010-3433 PostgreSQL (PL/Perl, PL/Tcl): SECURITY DEFINER function keyword bypass https://bugzilla.redhat.com/show_bug.cgi?id=639371 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update sepostgresql' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-16004 Risk factor : Critical CVSS Score: 8.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1170 1023987 http://www.securitytracker.com/id?1023987 39815 http://secunia.com/advisories/39815 39820 http://secunia.com/advisories/39820 39845 http://secunia.com/advisories/39845 39898 http://secunia.com/advisories/39898 39939 http://secunia.com/advisories/39939 40215 http://www.securityfocus.com/bid/40215 64757 http://osvdb.org/64757 ADV-2010-1167 http://www.vupen.com/english/advisories/2010/1167 ADV-2010-1182 http://www.vupen.com/english/advisories/2010/1182 ADV-2010-1197 http://www.vupen.com/english/advisories/2010/1197 ADV-2010-1198 http://www.vupen.com/english/advisories/2010/1198 ADV-2010-1207 http://www.vupen.com/english/advisories/2010/1207 ADV-2010-1221 http://www.vupen.com/english/advisories/2010/1221 DSA-2051 http://www.debian.org/security/2010/dsa-2051 FEDORA-2010-8696 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041559.html FEDORA-2010-8715 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041579.html FEDORA-2010-8723 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041591.html HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 MDVSA-2010:103 http://www.mandriva.com/security/advisories?name=MDVSA-2010:103 RHSA-2010:0427 http://www.redhat.com/support/errata/RHSA-2010-0427.html RHSA-2010:0428 http://www.redhat.com/support/errata/RHSA-2010-0428.html RHSA-2010:0429 http://www.redhat.com/support/errata/RHSA-2010-0429.html RHSA-2010:0430 http://www.redhat.com/support/errata/RHSA-2010-0430.html SSRT100617 SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html [oss-security] 20100520 CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request http://www.openwall.com/lists/oss-security/2010/05/20/5 http://www.postgresql.org/about/news.1203 http://www.postgresql.org/docs/current/static/release-7-4-29.html http://www.postgresql.org/docs/current/static/release-8-0-25.html http://www.postgresql.org/docs/current/static/release-8-1-21.html http://www.postgresql.org/docs/current/static/release-8-2-17.html http://www.postgresql.org/docs/current/static/release-8-3-11.html http://www.postgresql.org/docs/current/static/release-8-4-4.html http://www.postgresql.org/support/security https://bugzilla.redhat.com/show_bug.cgi?id=583072 oval:org.mitre.oval:def:10510 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10510 Common Vulnerability Exposure (CVE) ID: CVE-2010-1169 1023988 http://www.securitytracker.com/id?1023988 64755 http://osvdb.org/64755 https://bugzilla.redhat.com/show_bug.cgi?id=582615 https://bugzilla.redhat.com/show_bug.cgi?id=588269 oval:org.mitre.oval:def:10645 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10645 postgresql-safe-code-execution(58693) https://exchange.xforce.ibmcloud.com/vulnerabilities/58693 Common Vulnerability Exposure (CVE) ID: CVE-2010-3433 42325 http://secunia.com/advisories/42325 43747 http://www.securityfocus.com/bid/43747 ADV-2010-3051 http://www.vupen.com/english/advisories/2010/3051 DSA-2120 http://www.debian.org/security/2010/dsa-2120 FEDORA-2010-15954 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049591.html FEDORA-2010-15960 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049592.html MDVSA-2010:197 http://www.mandriva.com/security/advisories?name=MDVSA-2010:197 RHSA-2010:0742 http://www.redhat.com/support/errata/RHSA-2010-0742.html RHSA-2010:0908 http://www.redhat.com/support/errata/RHSA-2010-0908.html SUSE-SR:2010:019 http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html SUSE-SR:2010:020 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html USN-1002-1 http://www.ubuntu.com/usn/USN-1002-1 USN-1002-2 http://www.ubuntu.com/usn/USN-1002-2 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://www.postgresql.org/about/news.1244 http://www.postgresql.org/docs/9.0/static/release-9-0-1.html https://bugzilla.redhat.com/show_bug.cgi?id=639371 oval:org.mitre.oval:def:7291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7291
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.