PostgreSQL 9.0 < 9.0.20 / 9.1 < 9.1.16 / 9.2 < 9.2.11 / 9.3 < 9.3.7 / 9.4 < 9.4.2 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8796

Synopsis

The database running on the remote server is affected by multiple vulnerabilities.

Description

The version of PostgreSQL installed on the remote host is 9.0.x prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, or 9.4.x prior to 9.4.2 and is affected by multiple vulnerabilities :

- A double free memory error exists after authentication timeout, which a remote attacker can utilize to cause the program to crash. (CVE-2015-3165)
- A flaw exists in the printf() functions due to a failure to check for errors. A remote attacker can use this to gain access to sensitive information. (CVE-2015-3166)
- pgcrypto has multiple error messages for decryption with an incorrect key. A remote attacker can use this to recover keys from other systems. (CVE-2015-3167)

Solution

Upgrade to PostgreSQL 9.0.20 / 9.1.16 / 9.2.11 / 9.3.7 / 9.4.2, or later.

See Also

http://www.postgresql.org/about/news/1587

http://www.postgresql.org/docs/9.0/static/release-9-0-20.html

http://www.postgresql.org/docs/9.1/static/release-9-1-16.html

http://www.postgresql.org/docs/9.2/static/release-9-2-11.html

http://www.postgresql.org/docs/9.3/static/release-9-3-7.html

http://www.postgresql.org/docs/9.4/static/release-9-4-2.html

Plugin Details

Severity: Medium

ID: 8796

Family: Database

Published: 2015/07/10

Modified: 2016/02/05

Dependencies: 8705

Nessus ID: 83818

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 5

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:postgresql:postgresql

Patch Publication Date: 2015/05/22

Vulnerability Publication Date: 2015/05/22

Reference Information

CVE: CVE-2015-3165, CVE-2015-3166, CVE-2015-3167

BID: 74787, 74789, 74790

IAVB: 2015-B-0068