This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
PostgreSQL project reports :
Security Fixes for Regular Expressions, PL/Java
- CVE-2016-0773: This release closes security hole CVE-2016-0773, an
issue with regular expression (regex) parsing. Prior code allowed
users to pass in expressions which included out-of-range Unicode
characters, triggering a backend crash. This issue is critical for
PostgreSQL systems with untrusted users or which generate regexes
based on user input.
- CVE-2016-0766: The update also fixes CVE-2016-0766, a privilege
escalation issue for users of PL/Java. Certain custom configuration
settings (GUCS) for PL/Java will now be modifiable only by the
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.0