VID 25224
Severity 40
Port 5432
Protocol TCP
Class DB
Detailed Description The PostgreSQL server, according to its version number, has multiple vulnerabilities. PostgreSQL is an object-relational database management system (DBMS) that supports an extended subset of SQL.

The version of PostgreSQL installed on the remote host is 9.5.x prior to 9.5.6. It is, therefore, affected by multiple vulnerabilities:

- An off-by-one buffer overflow condition exists in the quote_literal_cstr() function due to improper validation of certain input when it is encased entirely in single quotes or backslashes. An unauthenticated, remote attacker can exploit this to cause a denial of service condition.

- A flaw exists when handling multiple concurrent calls of the pg_start_backup() and pg_stop_backup() functions. An unauthenticated, remote attacker can exploit this to cause a denial of service condition.

- An off-by-one buffer overflow condition exists due to improper validation of certain input when handling a filename supplied to ecpg that ends with a dot. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or potentially the execution of arbitrary code.

* Note: This check relies solely on the version number of the remote PostgreSQL server to assess this vulnerability, so this might be a false positive.

* References:
https://www.postgresql.org/about/news/1733/
https://www.postgresql.org/docs/current/static/release-9-5-6.html

* Platforms Affected:
PostgreSQL prior to 9.5.6
Any operating system, any version
Recommendation Upgrade to the latest version of PostgreSQL (9.5.6 or later), available from the PostgreSQL Web page at http://www.postgresql.org/download/