Test ID:	1.3.6.1.4.1.25623.1.0.805805
Category:	Databases
Title:	PostgreSQL Multiple Vulnerabilities (May 2015) - Linux
Summary:	PostgreSQL is prone to multiple vulnerabilities.
Description:	Summary: PostgreSQL is prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2015-3165: Double 'free' after authentication timeout - CVE-2015-3166: Unanticipated errors from the standard library - CVE-2015-3167: pgcrypto has multiple error messages for decryption with an incorrect key Affected Software/OS: PostgreSQL versions prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7 and 9.4.x prior to 9.4.2. Solution: Update to version 9.0.20, 9.1.16, 9.2.11, 9.3.7, 9.4.2 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3165 http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html BugTraq ID: 74787 http://www.securityfocus.com/bid/74787 Debian Security Information: DSA-3269 (Google Search) http://www.debian.org/security/2015/dsa-3269 Debian Security Information: DSA-3270 (Google Search) http://www.debian.org/security/2015/dsa-3270 https://security.gentoo.org/glsa/201507-20 RedHat Security Advisories: RHSA-2015:1194 http://rhn.redhat.com/errata/RHSA-2015-1194.html RedHat Security Advisories: RHSA-2015:1195 http://rhn.redhat.com/errata/RHSA-2015-1195.html RedHat Security Advisories: RHSA-2015:1196 http://rhn.redhat.com/errata/RHSA-2015-1196.html http://www.ubuntu.com/usn/USN-2621-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3166 http://ubuntu.com/usn/usn-2621-1 http://www.postgresql.org/about/news/1587/ http://www.postgresql.org/docs/9.0/static/release-9-0-20.html http://www.postgresql.org/docs/9.1/static/release-9-1-16.html http://www.postgresql.org/docs/9.2/static/release-9-2-11.html http://www.postgresql.org/docs/9.3/static/release-9-3-7.html http://www.postgresql.org/docs/9.4/static/release-9-4-2.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3167
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.