PostgreSQL 9.0 < 9.0.23 / 9.1 < 9.1.19 / 9.2 < 9.2.14 / 9.3 < 9.3.10 / 9.4 < 9.4.5 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 9262

Synopsis

The database running on the remote server is affected by multiple vulnerabilities.

Description

The version of PostgreSQL installed on the remote host is 9.0.x prior to 9.0.23, 9.1.x prior to 9.1.19, 9.2.x prior to 9.2.14, 9.3.x prior to 9.3.10, or 9.4.x prior to 9.4.5. It is therefore affected by multiple vulnerabilities:

- A flaw in the 'crypt()' function of the optional 'pgcrypto' extension could be exploited to read a few additional bytes of memory. No further details have been provided. (OSVDB 128635)
- A flaw is triggered when a function is executed in an outer-subtransaction cursor. This may allow an authenticated attacker to cause a denial of service. (OSVDB 129228)
- An overflow condition exists because user-supplied input is not properly validated when handling input for record types, range types, json, jsonb, tsquery, ltxtquery and query_int. This may allow an authenticated attacker to cause a stack-based buffer overflow, resulting in an unspecified impact. (OSVDB 129229)
- Temporary files created during a pg_dump with tar-format output are granted world-readable permissions. This may allow a local attacker to gain access to sensitive information. (OSVDB 129230)
- An overflow condition exists because user-supplied input is not properly validated when handling 'SIMILAR TO' and 'LIKE' matching regular expressions. This may allow an authenticated attacker to cause a stack overflow, resulting in a denial of service. (OSVDB 129231)

Solution

Upgrade to PostgreSQL 9.0.23 / 9.1.19 / 9.2.14 / 9.3.10 / 9.4.5, or later.
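
To triage an inventory against the fixed releases listed above, the following added example (not part of the plugin or of PostgreSQL) classifies reported version strings per branch. The function names, status labels and sample banners are constructed for illustration.

```python
import re

# First fixed minor release per affected branch, taken from this advisory.
FIXED = {(9, 0): 23, (9, 1): 19, (9, 2): 14, (9, 3): 10, (9, 4): 5}

# Accepts "9.3.9", a full version() banner, or pre-releases such as "9.4beta2".
_VERSION_RE = re.compile(
    r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+)|((?:alpha|beta|rc)\d+|devel))?")

def parse_version(banner):
    """Return (major, minor, patch), or None if no version is present.

    Pre-release builds get patch -1 because they predate the x.y.0 release.
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    if m.group(4):
        patch = -1
    else:
        patch = int(m.group(3) or 0)
    return int(m.group(1)), int(m.group(2)), patch

def classify(banner):
    """Return 'vulnerable', 'fixed', 'not-listed' or 'unparsed'."""
    version = parse_version(banner)
    if version is None:
        return "unparsed"
    fixed_patch = FIXED.get(version[:2])
    if fixed_patch is None:
        return "not-listed"  # branch outside the ranges this advisory covers
    return "vulnerable" if version[2] < fixed_patch else "fixed"

# Constructed sample inventory (host -> reported version string).
SAMPLE = {
    "db-a": "PostgreSQL 9.3.9 on x86_64-unknown-linux-gnu, compiled by gcc 4.8.2, 64-bit",
    "db-b": "9.4.5",
    "db-c": "9.4beta2",
    "db-d": "9.5.0",
}

def triage(inventory):
    """Map each host to its classification."""
    return {host: classify(banner) for host, banner in inventory.items()}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host:8} {status}")
```

Hosts reported as 'not-listed' run a branch this advisory does not cover and need to be checked against that branch's own release notes.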

See Also

http://www.postgresql.org/about/news/1615

http://www.postgresql.org/docs/9.0/static/release-9-0-23.html

http://www.postgresql.org/docs/9.1/static/release-9-1-19.html

http://www.postgresql.org/docs/9.2/static/release-9-2-14.html

http://www.postgresql.org/docs/9.3/static/release-9-3-10.html

http://www.postgresql.org/docs/9.4/static/release-9-4-5.html

Plugin Details

Severity: High

ID: 9262

Family: Database

Published: 2016/04/22

Modified: 2016/04/22

Dependencies: 8705

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.1

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS3#AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:postgresql:postgresql

Patch Publication Date: 2015/10/08

Vulnerability Publication Date: 2015/10/08

Reference Information

CVE: CVE-2015-5288

BID: 77049