FreeBSD : PostgreSQL -- SQL injection in pg_upgrade and pg_dump (1c27a706-e3aa-11e8-b77a-6cc21735f730)
High Nessus Plugin ID 118844
SynopsisThe remote FreeBSD host is missing one or more security-related
DescriptionThe PostgreSQL project reports :
CVE-2018-16850: SQL injection in pg_upgrade and pg_dump, via CREATE
TRIGGER ... REFERENCING.
Using a purpose-crafted trigger definition, an attacker can run
arbitrary SQL statements with superuser privileges when a superuser
runs pg_upgrade on the database or during a pg_dump dump/restore
cycle. This attack requires a CREATE privilege on some non-temporary
schema or a TRIGGER privilege on a table. This is exploitable in the
default PostgreSQL configuration, where all users have CREATE
privilege on public schema.
SolutionUpdate the affected packages.