Test ID:	1.3.6.1.4.1.25623.1.1.12.2025.7358.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-7358-1)
Summary:	The remote host is missing an update for the 'postgresql-9.5' package(s) announced via the USN-7358-1 advisory.
Description:	Summary: The remote host is missing an update for the 'postgresql-9.5' package(s) announced via the USN-7358-1 advisory. Vulnerability Insight: Wolfgang Walther discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications. (CVE-2024-10976) Jacob Champion discovered that PostgreSQL clients used untrusted server error messages. An attacker that is able to intercept network communications could possibly use this issue to inject error messages that could be interpreted as valid query results. (CVE-2024-10977) Tom Lane discovered that PostgreSQL incorrectly handled certain privilege assignments. A remote attacker could possibly use this issue to view or change different rows from those intended. (CVE-2024-10978) Coby Abrams discovered that PostgreSQL incorrectly handled environment variables. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2024-10979) Affected Software/OS: 'postgresql-9.5' package(s) on Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-10976 Common Vulnerability Exposure (CVE) ID: CVE-2024-10977 Common Vulnerability Exposure (CVE) ID: CVE-2024-10978 Common Vulnerability Exposure (CVE) ID: CVE-2024-10979
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.