Lucene search

K
freebsdFreeBSD174B8864-6237-11E1-BE18-14DAE938EC40
HistoryFeb 27, 2012 - 12:00 a.m.

databases/postgresql*-client -- multiple vulnerabilities

2012-02-2700:00:00
vuxml.freebsd.org
15

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.2%

The PostgreSQL Global Development Group reports:

These vulnerabilities could allow users to define triggers that
execute functions on which the user does not have EXECUTE
permission, allow SSL certificate spoofing and allow line breaks
in object names to be exploited to execute code when loading a
pg_dump file.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpostgresql-client< 8.3.18UNKNOWN

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.2%