| VID |
25315 |
| Severity |
40 |
| Port |
5432 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of PostgreSQL installed on the remote host is 11.x prior to 11.4. As such, it is potentially affected by a stack overflow vulnerability. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value.
* References:
https://www.postgresql.org/about/news/1949/ https://access.redhat.com/security/cve/CVE-2019-10164
* Platforms Affected:
PostgreSQL 11.x prior to 11.4
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PostgreSQL (11.4 or later), available from the PostgreSQL Web page at http://www.postgresql.org/download/ |
| Related URL |
CVE-2019-10164 (CVE) |
| Related URL |
108875 (SecurityFocus) |
| Related URL |
(ISS) |
|
