PostgreSQL 9.0 < 9.0.23 / 9.1 < 9.1.19 / 9.2 < 9.2.14 / 9.3 < 9.3.10 / 9.4 < 9.4.5 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 9262

Synopsis

The database running on the remote server is affected by multiple vulnerabilities.

Description

The version of PostgreSQL installed on the remote host is 9.0.x prior to 9.0.23, 9.1.x prior to 9.1.19, 9.2.x prior to 9.2.14, 9.3.x prior to 9.3.10, or 9.4.x prior to 9.4.5 and is affected by multiple vulnerabilities:

- A flaw in the 'crypt()' function of the optional 'pgcrypto' extension could be exploited to read a few additional bytes of memory. No further details have been provided.
- A flaw exists that is triggered when a function is executed in an outer-subtransaction cursor. This may allow an authenticated attacker to cause a denial of service.
- An overflow condition exists because user-supplied input is not properly validated when handling input related to record types, range types, json, jsonb, tsquery, ltxtquery and query_int. This may allow an authenticated attacker to cause a stack-based buffer overflow, resulting in an unspecified impact.
- A flaw exists in which world-readable permissions are granted to temporary files created during a pg_dump with tar-format output. This may allow a local attacker to gain access to sensitive information.
- An overflow condition exists because user-supplied input is not properly validated when handling 'SIMILAR TO' and 'LIKE' matching regular expressions. This may allow an authenticated attacker to cause a stack overflow, resulting in a denial of service.

Solution

Upgrade to PostgreSQL 9.0.23 / 9.1.19 / 9.2.14 / 9.3.10 / 9.4.5, or later.
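The version ranges above can be applied to an inventory of reported server versions. The following is an added example, not part of the plugin: the names `classify`, `triage` and `SAMPLE_INVENTORY` are hypothetical and the sample banners are constructed.

```python
import re

# Fixed minor release per affected branch, from the Solution line of this advisory.
FIXED_MINOR = {(9, 0): 23, (9, 1): 19, (9, 2): 14, (9, 3): 10, (9, 4): 5}

# Finds "9.3.9", "9.0.23" or a pre-release such as "9.4beta2" inside a banner.
VERSION_RE = re.compile(
    r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+)|(alpha|beta|rc|devel)\d*)?"
)


def classify(banner):
    """Return 'affected', 'fixed', 'out-of-scope' or 'unparsed'."""
    match = VERSION_RE.search(banner)
    if match is None:
        return "unparsed"
    branch = (int(match.group(1)), int(match.group(2)))
    if branch not in FIXED_MINOR:
        # Branch not listed by the advisory (8.4, 9.5, 10+ ...): no verdict here.
        return "out-of-scope"
    if match.group(4):
        # Pre-release builds precede x.y.0, so they predate every fixed minor.
        return "affected"
    if match.group(3) is None:
        # Bare "9.3" carries no minor number; refuse to guess.
        return "unparsed"
    minor = int(match.group(3))
    return "affected" if minor < FIXED_MINOR[branch] else "fixed"


# Constructed sample inventory: host label -> reported version string.
SAMPLE_INVENTORY = {
    "db-a": "PostgreSQL 9.3.9 on x86_64-unknown-linux-gnu, compiled by gcc 4.8.3, 64-bit",
    "db-b": "9.4.5",
    "db-c": "psql (PostgreSQL) 9.4beta2",
    "db-d": "PostgreSQL 9.5.1",
    "db-e": "9.0",
}


def triage(inventory):
    """Map each host label to its classification."""
    return {host: classify(banner) for host, banner in inventory.items()}


if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {verdict}")
```

The verdict reflects only the reported upstream version number; a vendor package that backports fixes without changing that number will still classify as affected and needs to be checked against the vendor's own advisory.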

See Also

http://www.postgresql.org/about/news/1615

http://www.postgresql.org/docs/9.0/static/release-9-0-23.html

http://www.postgresql.org/docs/9.1/static/release-9-1-19.html

http://www.postgresql.org/docs/9.2/static/release-9-2-14.html

http://www.postgresql.org/docs/9.3/static/release-9-3-10.html

http://www.postgresql.org/docs/9.4/static/release-9-4-5.html

Plugin Details

Severity: High

ID: 9262

Family: Database

Published: 4/22/2016

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:postgresql:postgresql

Patch Publication Date: 10/8/2015

Vulnerability Publication Date: 10/8/2015

Reference Information

CVE: CVE-2015-5288

BID: 77049