Mandriva Linux Security Advisory : postgresql (MDVSA-2013:142)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing one or more security

Description :

Multiple vulnerabilities has been discovered and corrected in
postgresql :

PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before
9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly
declare the enum_recv function in backend/utils/adt/enum.c, which
causes it to be invoked with incorrect arguments and allows remote
authenticated users to cause a denial of service (server crash) or
read sensitive process memory via a crafted SQL command, which
triggers an array index error and an out-of-bounds read

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4,
9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to
cause a denial of service (file corruption), and allows remote
authenticated users to modify configuration settings and execute
arbitrary code, via a connection request using a database name that
begins with a - (hyphen) (CVE-2013-1899).

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before
9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates
insufficiently random numbers, which might allow remote authenticated
users to have an unspecified impact via vectors related to the
contrib/pgcrypto functions. (CVE-2013-1900).

PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly
check REPLICATION privileges, which allows remote authenticated users
to bypass intended backup restrictions by calling the (1)
pg_start_backup or (2) pg_stop_backup functions (CVE-2013-1901).

This advisory provides the latest versions of PostgreSQL that is not
vulnerable to these issues.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 8.5
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 66154 ()

Bugtraq ID: 57844

CVE ID: CVE-2013-0255

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now