SuSE9 Security Update : PostgreSQL (YOU Patch Number 12571)

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 9 host is missing a security-related patch.

Description :

The following bugs have been fixed :

- An unprivileged, authenticated PostgreSQL user could
create a table which references functions with malicious
content. Maintenance operations carried out be the
database superuser could execute such functions.

- Embedded null bytes in the common name of SSL
certificates could bypass certificate hostname checks.

PostgreSQL was updated to the next upstream patchlevel update which
also includes several bugfixes. See the package changelog for details.

See also :

Solution :

Apply YOU patch number 12571.

Risk factor :

Medium / CVSS Base Score : 6.5

Family: SuSE Local Security Checks

Nessus Plugin ID: 44050 ()

Bugtraq ID:

CVE ID: CVE-2009-4034

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now