The remote host is running PostgreSQL, a database application. The version of PostgreSQL is potentially affected by multiple issues :
Authenticated non-superusers can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there.
A privilege escalation issue allows some actions to be performed with superuser privileges instead of table owner privileges. This is related to the fix for CVE-2007-6600 which failed to include protection against misuse of ‘RESET SESSION AUTHORIZATION’.
If PostgreSQL is configured with LDAP authentication, and your LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password.
Binary data 5170.prm
Vendor | Product | Version | CPE |
---|---|---|---|
postgresql | postgresql | cpe:/a:postgresql:postgresql |