English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702865
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-2865-1)
Summary:The remote host is missing an update for the Debian 'postgresql-9.1' package(s) announced via the DSA-2865-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'postgresql-9.1' package(s) announced via the DSA-2865-1 advisory.

Vulnerability Insight:
Various vulnerabilities were discovered in PostgreSQL:

CVE-2014-0060 Shore up GRANT ... WITH ADMIN OPTION restrictions (Noah Misch) Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role member can revoke the access of others, contrary to the wishes of his grantor. Unapproved role member additions are a lesser concern, since an uncooperative role member could provide most of his rights to others anyway by creating views or SECURITY DEFINER functions.

CVE-2014-0061 Prevent privilege escalation via manual calls to PL validator functions (Andres Freund) The primary role of PL validator functions is to be called implicitly during CREATE FUNCTION, but they are also normal SQL functions that a user can call explicitly. Calling a validator on a function actually written in some other language was not checked for and could be exploited for privilege-escalation purposes. The fix involves adding a call to a privilege-checking function in each validator function. Non-core procedural languages will also need to make this change to their own validator functions, if any.

CVE-2014-0062 Avoid multiple name lookups during table and index DDL (Robert Haas, Andres Freund) If the name lookups come to different conclusions due to concurrent activity, we might perform some parts of the DDL on a different table than other parts. At least in the case of CREATE INDEX, this can be used to cause the permissions checks to be performed against a different table than the index creation, allowing for a privilege escalation attack.

CVE-2014-0063 Prevent buffer overrun with long datetime strings (Noah Misch) The MAXDATELEN constant was too small for the longest possible value of type interval, allowing a buffer overrun in interval_out(). Although the datetime input functions were more careful about avoiding buffer overrun, the limit was short enough to cause them to reject some valid inputs, such as input containing a very long timezone name. The ecpg library contained these vulnerabilities along with some of its own.

CVE-2014-0064 CVE-2014-2669 Prevent buffer overrun due to integer overflow in size calculations (Noah Misch, Heikki Linnakangas) Several functions, mostly type input functions, calculated an allocation size without checking for overflow. If overflow did occur, a too-small buffer would be allocated and then written past.

CVE-2014-0065 Prevent overruns of fixed-size buffers (Peter Eisentraut, Jozef Mlich) Use strlcpy() and related functions to provide a clear guarantee that fixed-size buffers are not overrun. Unlike the preceding items, it is unclear whether these cases really represent live issues, since in most cases there appear to be previous constraints on the size of the input string. Nonetheless it ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'postgresql-9.1' package(s) on Debian 7.

Solution:
Please install the updated package(s).

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0060
61307
http://secunia.com/advisories/61307
APPLE-SA-2014-10-16-3
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
DSA-2864
http://www.debian.org/security/2014/dsa-2864
DSA-2865
http://www.debian.org/security/2014/dsa-2865
RHSA-2014:0211
http://rhn.redhat.com/errata/RHSA-2014-0211.html
RHSA-2014:0221
http://rhn.redhat.com/errata/RHSA-2014-0221.html
RHSA-2014:0249
http://rhn.redhat.com/errata/RHSA-2014-0249.html
RHSA-2014:0469
http://rhn.redhat.com/errata/RHSA-2014-0469.html
USN-2120-1
http://www.ubuntu.com/usn/USN-2120-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://support.apple.com/kb/HT6448
http://wiki.postgresql.org/wiki/20140220securityrelease
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.postgresql.org/about/news/1506/
https://puppet.com/security/cve/cve-2014-0060
https://support.apple.com/kb/HT6536
openSUSE-SU-2014:0345
http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html
openSUSE-SU-2014:0368
http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-0061
Common Vulnerability Exposure (CVE) ID: CVE-2014-0062
65727
http://www.securityfocus.com/bid/65727
Common Vulnerability Exposure (CVE) ID: CVE-2014-0063
65719
http://www.securityfocus.com/bid/65719
http://www.postgresql.org/support/security/
https://bugzilla.redhat.com/show_bug.cgi?id=1065226
https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b
Common Vulnerability Exposure (CVE) ID: CVE-2014-0064
65725
http://www.securityfocus.com/bid/65725
https://bugzilla.redhat.com/show_bug.cgi?id=1065230
https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a
Common Vulnerability Exposure (CVE) ID: CVE-2014-0065
65731
http://www.securityfocus.com/bid/65731
Common Vulnerability Exposure (CVE) ID: CVE-2014-0066
Common Vulnerability Exposure (CVE) ID: CVE-2014-0067
65721
http://www.securityfocus.com/bid/65721
APPLE-SA-2015-08-13-2
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
APPLE-SA-2015-09-16-4
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
https://support.apple.com/HT205219
https://support.apple.com/kb/HT205031
Common Vulnerability Exposure (CVE) ID: CVE-2014-2669
Debian Security Information: DSA-2864 (Google Search)
Debian Security Information: DSA-2865 (Google Search)
RedHat Security Advisories: RHSA-2014:0221
RedHat Security Advisories: RHSA-2014:0469
CopyrightCopyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.