Amazon Linux AMI : postgresql96 (ALAS-2018-1119)

2018-12-07T00:00:00

Description

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915) It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925) It was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.(CVE-2018-1115 )

{"id": "ALA_ALAS-2018-1119.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Amazon Linux AMI : postgresql96 (ALAS-2018-1119)", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.(CVE-2018-1115 )", "published": "2018-12-07T00:00:00", "modified": "2020-06-09T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/119478", "reporter": "This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10925", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10915", "https://alas.aws.amazon.com/ALAS-2018-1119.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1115"], "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "immutableFields": [], "lastseen": "2022-03-27T16:01:30", "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["1439985FB2BBD6F818D68C0558B49CBF", "5DD94B5885CE9E10B1AB50DB58BF4495", "6534D818C5F5A107890D02B31E442296", "7B02354C0BC6D76C3892BF9DF91A7B2C", "8DA449A8BBEDF97F8E87B61EC6E9A58E", "AA8ACE971A07DD6AF2FE7B20E5FEC4D1", "B4D0A4D27A15718EF93F1B5E22394CE9", "EAD4050F7D8442CA4AC68B5BD083F89C"]}, {"type": "amazon", "idList": ["ALAS-2018-1074", "ALAS-2018-1079", "ALAS-2018-1080", "ALAS-2018-1117", "ALAS-2018-1118", "ALAS-2018-1119", "ALAS2-2018-1080"]}, {"type": "centos", "idList": ["CESA-2018:2557"]}, {"type": "cve", "idList": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1464-1:8FAE2", "DEBIAN:DLA-1464-1:9FEF5", "DEBIAN:DSA-4269-1:4963D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10915", "DEBIANCVE:CVE-2018-10925", "DEBIANCVE:CVE-2018-1115"]}, {"type": "f5", "idList": ["F5:K48209417"]}, {"type": "fedora", "idList": ["FEDORA:0F51861122EE", "FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:7FADD604D40F", "FEDORA:F2CC660D2A1B"]}, {"type": "freebsd", "idList": ["96EAB874-9C79-11E8-B34B-6CC21735F730"]}, {"type": "gentoo", "idList": ["GLSA-201810-08"]}, {"type": "ibm", "idList": ["5A23BE34322F36780B2821378B1628B3331997E99E3A9C4B3B0067399EEBC3F5", "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56"]}, {"type": "kaspersky", "idList": ["KLA11263", "KLA11300"]}, {"type": "mageia", "idList": ["MGASA-2018-0446"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1080.NASL", "ALA_ALAS-2018-1074.NASL", "ALA_ALAS-2018-1079.NASL", "ALA_ALAS-2018-1080.NASL", "ALA_ALAS-2018-1117.NASL", "ALA_ALAS-2018-1118.NASL", "CENTOS_RHSA-2018-2557.NASL", "DEBIAN_DLA-1464.NASL", "DEBIAN_DSA-4269.NASL", "EULEROS_SA-2018-1311.NASL", "EULEROS_SA-2018-1312.NASL", "EULEROS_SA-2020-1876.NASL", "FEDORA_2018-08550A9006.NASL", "FEDORA_2018-5D1F7BD2D7.NASL", "FEDORA_2018-937C789F2A.NASL", "FEDORA_2018-BD6F9237B5.NASL", "FEDORA_2018-D8F5AEA89D.NASL", "FREEBSD_PKG_96EAB8749C7911E8B34B6CC21735F730.NASL", "GENTOO_GLSA-201810-08.NASL", "NEWSTART_CGSL_NS-SA-2019-0036_POSTGRESQL.NASL", "OPENSUSE-2018-1278.NASL", "OPENSUSE-2018-1482.NASL", "OPENSUSE-2018-638.NASL", "OPENSUSE-2018-696.NASL", "OPENSUSE-2018-955.NASL", "OPENSUSE-2019-659.NASL", "OPENSUSE-2020-1227.NASL", "ORACLELINUX_ELSA-2018-2557.NASL", "PHOTONOS_PHSA-2018-1_0-0178.NASL", "PHOTONOS_PHSA-2018-1_0-0178_POSTGRESQL.NASL", "PHOTONOS_PHSA-2018-2_0-0087.NASL", "PHOTONOS_PHSA-2018-2_0-0087_POSTGRESQL.NASL", "POSTGRESQL_20180809.NASL", "POSTGRESQL_20181115.NASL", "REDHAT-RHSA-2018-2557.NASL", "REDHAT-RHSA-2018-2643.NASL", "SL_20180823_POSTGRESQL_ON_SL7_X.NASL", "SUSE_SU-2018-1695-1.NASL", "SUSE_SU-2018-2564-1.NASL", "SUSE_SU-2018-3287-1.NASL", "SUSE_SU-2018-3377-1.NASL", "SUSE_SU-2018-3909-1.NASL", "UBUNTU_USN-3744-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141083", "OPENVAS:1361412562310141084", "OPENVAS:1361412562310704269", "OPENVAS:1361412562310813751", "OPENVAS:1361412562310813752", "OPENVAS:1361412562310813753", "OPENVAS:1361412562310813754", "OPENVAS:1361412562310843619", "OPENVAS:1361412562310851787", "OPENVAS:1361412562310851808", "OPENVAS:1361412562310851957", "OPENVAS:1361412562310852079", "OPENVAS:1361412562310852156", "OPENVAS:1361412562310874475", "OPENVAS:1361412562310874590", "OPENVAS:1361412562310874591", "OPENVAS:1361412562310874941", "OPENVAS:1361412562310874971", "OPENVAS:1361412562310882943", "OPENVAS:1361412562310891464", "OPENVAS:1361412562311220181311", "OPENVAS:1361412562311220181312"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2557"]}, {"type": "osv", "idList": ["OSV:DLA-1464-1", "OSV:DSA-4269-1"]}, {"type": "photon", "idList": ["PHSA-2018-0087", "PHSA-2018-0178", "PHSA-2018-1.0-0178", "PHSA-2018-2.0-0087"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2018-10915", "POSTGRESQL:CVE-2018-10925", "POSTGRESQL:CVE-2018-1115"]}, {"type": "redhat", "idList": ["RHSA-2018:2511", "RHSA-2018:2557", "RHSA-2018:2565", "RHSA-2018:2566", "RHSA-2018:2643", "RHSA-2018:2721", "RHSA-2018:2729", "RHSA-2018:3816"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-10915", "RH:CVE-2018-10925", "RH:CVE-2018-1115"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1709-1", "OPENSUSE-SU-2018:1900-1", "OPENSUSE-SU-2018:2599-1", "OPENSUSE-SU-2018:3449-1", "OPENSUSE-SU-2018:4007-1", "OPENSUSE-SU-2020:1227-1"]}, {"type": "ubuntu", "idList": ["USN-3744-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10915", "UB:CVE-2018-10925", "UB:CVE-2018-1115"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1074", "ALAS-2018-1079", "ALAS-2018-1080"]}, {"type": "centos", "idList": ["CESA-2018:2557"]}, {"type": "cve", "idList": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1464-1:9FEF5", "DEBIAN:DSA-4269-1:4963D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10915", "DEBIANCVE:CVE-2018-10925", "DEBIANCVE:CVE-2018-1115"]}, {"type": "f5", "idList": ["F5:K48209417"]}, {"type": "fedora", "idList": ["FEDORA:0F51861122EE", "FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:7FADD604D40F", "FEDORA:F2CC660D2A1B"]}, {"type": "freebsd", "idList": ["96EAB874-9C79-11E8-B34B-6CC21735F730"]}, {"type": "gentoo", "idList": ["GLSA-201810-08"]}, {"type": "ibm", "idList": ["5A23BE34322F36780B2821378B1628B3331997E99E3A9C4B3B0067399EEBC3F5"]}, {"type": "kaspersky", "idList": ["KLA11263", "KLA11300"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1080.NASL", "ALA_ALAS-2018-1079.NASL", "ALA_ALAS-2018-1080.NASL", "CENTOS_RHSA-2018-2557.NASL", "DEBIAN_DLA-1464.NASL", "DEBIAN_DSA-4269.NASL", "EULEROS_SA-2018-1311.NASL", "EULEROS_SA-2018-1312.NASL", "FEDORA_2018-937C789F2A.NASL", "FEDORA_2018-BD6F9237B5.NASL", "FEDORA_2018-D8F5AEA89D.NASL", "FREEBSD_PKG_96EAB8749C7911E8B34B6CC21735F730.NASL", "GENTOO_GLSA-201810-08.NASL", "OPENSUSE-2018-638.NASL", "ORACLELINUX_ELSA-2018-2557.NASL", "POSTGRESQL_20180809.NASL", "POSTGRESQL_20181115.NASL", "REDHAT-RHSA-2018-2557.NASL", "SL_20180823_POSTGRESQL_ON_SL7_X.NASL", "SUSE_SU-2018-1695-1.NASL", "UBUNTU_USN-3744-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141083", "OPENVAS:1361412562310141084", "OPENVAS:1361412562310704269", "OPENVAS:1361412562310813751", "OPENVAS:1361412562310813752", "OPENVAS:1361412562310813753", "OPENVAS:1361412562310813754", "OPENVAS:1361412562310843619", "OPENVAS:1361412562310851787", "OPENVAS:1361412562310851957", "OPENVAS:1361412562310852079", "OPENVAS:1361412562310874475", "OPENVAS:1361412562310874590", "OPENVAS:1361412562310874591", "OPENVAS:1361412562310874941", "OPENVAS:1361412562310874971", "OPENVAS:1361412562310891464"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2557"]}, {"type": "photon", "idList": ["PHSA-2018-1.0-0178", "PHSA-2018-2.0-0087"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2018-1115"]}, {"type": "redhat", "idList": ["RHSA-2018:2565", "RHSA-2018:2566"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1115"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1709-1"]}, {"type": "ubuntu", "idList": ["USN-3744-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10915", "UB:CVE-2018-10925", "UB:CVE-2018-1115"]}]}, "exploitation": null, "vulnersScore": 0.3}, "_state": {"dependencies": 1659998956, "score": 1659863599}, "_internal": {"score_hash": "04f03fe8f27aa6038d0d4eb6170a47f4"}, "pluginID": "119478", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1119.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119478);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_xref(name:\"ALAS\", value:\"2018-1119\");\n\n script_name(english:\"Amazon Linux AMI : postgresql96 (ALAS-2018-1119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check\nauthorization on certain statements involved with 'INSERT ... ON\nCONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could\nexploit this to read arbitrary bytes server memory. If the attacker\nalso had certain 'INSERT' and limited 'UPDATE' privileges to a\nparticular table, they could exploit this to update other columns in\nthe same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack\nextension, did not follow the same ACLs than pg_rorate_logfile. If the\nadminpack is added to a database, an attacker able to connect to it\ncould use this flaw to force log rotation.(CVE-2018-1115 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1119.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update postgresql96' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-contrib-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-debuginfo-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-devel-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-docs-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-libs-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plperl-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython26-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython27-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-server-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-static-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-test-9.6.11-1.82.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96 / postgresql96-contrib / postgresql96-debuginfo / etc\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "cpe": ["p-cpe:/a:amazon:linux:postgresql96", "p-cpe:/a:amazon:linux:postgresql96-contrib", "p-cpe:/a:amazon:linux:postgresql96-debuginfo", "p-cpe:/a:amazon:linux:postgresql96-devel", "p-cpe:/a:amazon:linux:postgresql96-docs", "p-cpe:/a:amazon:linux:postgresql96-libs", "p-cpe:/a:amazon:linux:postgresql96-plperl", "p-cpe:/a:amazon:linux:postgresql96-plpython26", "p-cpe:/a:amazon:linux:postgresql96-plpython27", "p-cpe:/a:amazon:linux:postgresql96-server", "p-cpe:/a:amazon:linux:postgresql96-static", "p-cpe:/a:amazon:linux:postgresql96-test", "cpe:/o:amazon:linux"], "solution": "Run 'yum update postgresql96' to update your system.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2018-12-07T00:00:00", "vulnerabilityPublicationDate": "2018-05-10T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2022-03-27T15:12:29", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-10-5.html\n\nA dump/restore is not required for those running 10.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed: CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue.\nAfter installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\nCVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2018:2564-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10", "p-cpe:/a:novell:suse_linux:postgresql10-contrib", "p-cpe:/a:novell:suse_linux:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-debugsource", "p-cpe:/a:novell:suse_linux:postgresql10-devel", "p-cpe:/a:novell:suse_linux:postgresql10-devel-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-plperl", "p-cpe:/a:novell:suse_linux:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-plpython", "p-cpe:/a:novell:suse_linux:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-pltcl", "p-cpe:/a:novell:suse_linux:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-server", "p-cpe:/a:novell:suse_linux:postgresql10-server-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-2564-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120090", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2564-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120090);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2018:2564-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-10-5.html\n\nA dump/restore is not required for those running 10.X. However, if you\nuse the adminpack extension, you should update it as per the first\nchangelog entry below. Also, if the function marking mistakes\nmentioned in the second and third changelog entries below affect you,\nyou will want to take steps to correct your database catalogs.\n\nSecurity issues fixed: CVE-2018-1115: Remove public execute privilege\nfrom contrib/adminpack's pg_logfile_rotate() function\npg_logfile_rotate() is a deprecated wrapper for the core function\npg_rotate_logfile(). When that function was changed to rely on SQL\nprivileges for access control rather than a hard-coded superuser\ncheck, pg_logfile_rotate() should have been updated as well, but the\nneed for this was missed. Hence, if adminpack is installed, any user\ncould request a logfile rotation, creating a minor security issue.\nAfter installing this update, administrators should update adminpack\nby performing ALTER EXTENSION adminpack UPDATE in each database in\nwhich adminpack is installed (bsc#1091610).\n\nCVE-2018-10915: libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq was used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could have bypassed client-side connection security\nfeatures, obtain access to higher privileged connections or\npotentially cause other impact SQL injection, by causing the\nPQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements\ninvolved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n'CREATE TABLE' privileges could have exploited this to read arbitrary\nbytes server memory. If the attacker also had certain 'INSERT' and\nlimited 'UPDATE' privileges to a particular table, they could have\nexploited this to update other columns in the same table\n(bsc#1104202).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10925/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1115/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182564-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4549d076\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2018-1799=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1799=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libecpg6-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libecpg6-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpq5-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpq5-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-contrib-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-contrib-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-debugsource-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-devel-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-devel-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plperl-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plperl-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plpython-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plpython-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-pltcl-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-pltcl-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-server-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-server-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpq5-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpq5-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-debugsource-10.5-4.5.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:54:22", "description": "The remote host is affected by the vulnerability described in GLSA-201810-08 (PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details.\n In addition it was discovered that Gentoo’s PostgreSQL installation suffered from a privilege escalation vulnerability due to a runscript which called OpenRC’s checkpath() on a user controlled path and allowed user running PostgreSQL to kill arbitrary processes via PID file manipulation.\n Impact :\n\n A remote attacker could bypass certain client-side connection security features, read arbitrary server memory or alter certain data.\n In addition, a local attacker could gain privileges or cause a Denial of Service condition by killing arbitrary processes.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-10-31T00:00:00", "type": "nessus", "title": "GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2022-01-31T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:postgresql", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201810-08.NASL", "href": "https://www.tenable.com/plugins/nessus/118508", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201810-08.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118508);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/31\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_xref(name:\"GLSA\", value:\"201810-08\");\n\n script_name(english:\"GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201810-08\n(PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please\n review the referenced CVE identifiers for details.\n In addition it was discovered that Gentoo’s PostgreSQL installation\n suffered from a privilege escalation vulnerability due to a runscript\n which called OpenRC’s checkpath() on a user controlled path and allowed\n user running PostgreSQL to kill arbitrary processes via PID file\n manipulation.\n \nImpact :\n\n A remote attacker could bypass certain client-side connection security\n features, read arbitrary server memory or alter certain data.\n In addition, a local attacker could gain privileges or cause a Denial of\n Service condition by killing arbitrary processes.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201810-08\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All PostgreSQL users up to 9.3 should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.3.24:9.3'\n All PostgreSQL 9.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.4.19:9.4'\n All PostgreSQL 9.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.5.14:9.5'\n All PostgreSQL 9.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.6.10:9.6'\n All PostgreSQL 10 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-10.5:10'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1115\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/postgresql\", unaffected:make_list(\"ge 9.3.24\", \"ge 9.4.19\", \"ge 9.5.14\", \"ge 9.6.10\", \"ge 10.5\"), vulnerable:make_list(\"lt 10.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PostgreSQL\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:44", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-09-04T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql10 (openSUSE-2018-955)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-955.NASL", "href": "https://www.tenable.com/plugins/nessus/112269", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-955.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112269);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql10 (openSUSE-2018-955)\");\n script_summary(english:\"Check for the openSUSE-2018-955 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on\n certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'. An attacker with 'CREATE TABLE' privileges\n could have exploited this to read arbitrary bytes server\n memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they\n could have exploited this to update other columns in the\n same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debugsource-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-test-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10 / postgresql10-contrib / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:22:42", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql10 (openSUSE-2019-659)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-659.NASL", "href": "https://www.tenable.com/plugins/nessus/123286", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-659.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123286);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql10 (openSUSE-2019-659)\");\n script_summary(english:\"Check for the openSUSE-2019-659 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on\n certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'. An attacker with 'CREATE TABLE' privileges\n could have exploited this to read arbitrary bytes server\n memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they\n could have exploited this to update other columns in the\n same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debugsource-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-test-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10 / postgresql10-contrib / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-24T15:52:39", "description": "An update of the postgresql package has been released.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Postgresql PHSA-2018-1.0-0178", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:postgresql", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0178_POSTGRESQL.NASL", "href": "https://www.tenable.com/plugins/nessus/121879", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0178. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121879);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"Photon OS 1.0: Postgresql PHSA-2018-1.0-0178\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the postgresql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-178.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-10925\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-debuginfo-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-debuginfo-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-devel-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-devel-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-libs-9.6.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"postgresql-libs-9.6.10-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-05-24T15:51:55", "description": "An update of the postgresql package has been released.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Postgresql PHSA-2018-2.0-0087", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:postgresql", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2018-2_0-0087_POSTGRESQL.NASL", "href": "https://www.tenable.com/plugins/nessus/121988", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-2.0-0087. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121988);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"Photon OS 2.0: Postgresql PHSA-2018-2.0-0087\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the postgresql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-87.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-10925\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-debuginfo-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-debuginfo-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-devel-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-devel-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-libs-9.6.10-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"postgresql-libs-9.6.10-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:16:26", "description": "update to 10.5, CVE-2018-10915, CVE-2018-10925\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : postgresql (2018-5d1f7bd2d7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-5D1F7BD2D7.NASL", "href": "https://www.tenable.com/plugins/nessus/120455", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-5d1f7bd2d7.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120455);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"FEDORA\", value:\"2018-5d1f7bd2d7\");\n\n script_name(english:\"Fedora 28 : postgresql (2018-5d1f7bd2d7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 10.5, CVE-2018-10915, CVE-2018-10925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-5d1f7bd2d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"postgresql-10.5-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:18", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-09-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql96 (ALAS-2018-1074)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-10-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql96", "p-cpe:/a:amazon:linux:postgresql96-contrib", "p-cpe:/a:amazon:linux:postgresql96-debuginfo", "p-cpe:/a:amazon:linux:postgresql96-devel", "p-cpe:/a:amazon:linux:postgresql96-docs", "p-cpe:/a:amazon:linux:postgresql96-libs", "p-cpe:/a:amazon:linux:postgresql96-plperl", "p-cpe:/a:amazon:linux:postgresql96-plpython26", "p-cpe:/a:amazon:linux:postgresql96-plpython27", "p-cpe:/a:amazon:linux:postgresql96-server", "p-cpe:/a:amazon:linux:postgresql96-static", "p-cpe:/a:amazon:linux:postgresql96-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1074.NASL", "href": "https://www.tenable.com/plugins/nessus/117346", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1074.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117346);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/10/19 9:33:04\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"ALAS\", value:\"2018-1074\");\n\n script_name(english:\"Amazon Linux AMI : postgresql96 (ALAS-2018-1074)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check\nauthorization on certain statements involved with 'INSERT ... ON\nCONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could\nexploit this to read arbitrary bytes server memory. If the attacker\nalso had certain 'INSERT' and limited 'UPDATE' privileges to a\nparticular table, they could exploit this to update other columns in\nthe same table.(CVE-2018-10925)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1074.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql96' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-contrib-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-debuginfo-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-devel-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-docs-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-libs-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plperl-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython26-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython27-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-server-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-static-9.6.10-1.81.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-test-9.6.10-1.81.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96 / postgresql96-contrib / postgresql96-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-12T15:15:34", "description": "Two vulnerabilities have been found in the PostgreSQL database system :\n\n - CVE-2018-10915 Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects.\n\n - CVE-2018-10925 It was discovered that some 'CREATE TABLE' statements could disclose server memory.\n\nFor additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1878/", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-08-13T00:00:00", "type": "nessus", "title": "Debian DSA-4269-1 : postgresql-9.6 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-11-13T00:00:00", "cpe": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:debian:debian_linux:postgresql-9.6:*:*:*:*:*:*:*"], "id": "DEBIAN_DSA-4269.NASL", "href": "https://www.tenable.com/plugins/nessus/111653", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4269. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111653);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"DSA\", value:\"4269\");\n\n script_name(english:\"Debian DSA-4269-1 : postgresql-9.6 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities have been found in the PostgreSQL database system\n:\n\n - CVE-2018-10915\n Andrew Krasichkov discovered that libpq did not reset\n all its connection state during reconnects.\n\n - CVE-2018-10925\n It was discovered that some 'CREATE TABLE' statements\n could disclose server memory.\n\nFor additional information please refer to the upstream announcement\nat https://www.postgresql.org/about/news/1878/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-10925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1878/\"\n );\n # https://security-tracker.debian.org/tracker/source-package/postgresql-9.6\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?350b32e8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/postgresql-9.6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4269\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the postgresql-9.6 packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 9.6.10-0+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libecpg-compat3\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libecpg-dev\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libecpg6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpgtypes3\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpq-dev\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpq5\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-9.6-dbg\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-client-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-contrib-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-doc-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-plperl-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-plpython-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-plpython3-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-pltcl-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"postgresql-server-dev-9.6\", reference:\"9.6.10-0+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6, "vector": "CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:50:35", "description": "The PostgreSQL project reports :\n\nCVE-2018-10915: Certain host connection parameters defeat client-side security defenses\n\nlibpq, the client connection API for PostgreSQL that is also used by other connection libraries, had an internal issue where it did not reset all of its connection state variables when attempting to reconnect. In particular, the state variable that determined whether or not a password is needed for a connection would not be reset, which could allow users of features requiring libpq, such as the 'dblink' or 'postgres_fdw' extensions, to login to servers they should not be able to access.\n\nCVE-2018-10925: Memory disclosure and missing authorization in `INSERT ... ON CONFLICT DO UPDATE`\n\nAn attacker able to issue CREATE TABLE can read arbitrary bytes of server memory using an upsert (`INSERT ... ON CONFLICT DO UPDATE`) query. By default, any user can exploit that. A user that has specific INSERT privileges and an UPDATE privilege on at least one column in a given table can also update other columns using a view and an upsert query.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-08-13T00:00:00", "type": "nessus", "title": "FreeBSD : PostgreSQL -- two vulnerabilities (96eab874-9c79-11e8-b34b-6cc21735f730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:postgresql10-server", "p-cpe:/a:freebsd:freebsd:postgresql93-server", "p-cpe:/a:freebsd:freebsd:postgresql94-server", "p-cpe:/a:freebsd:freebsd:postgresql95-server", "p-cpe:/a:freebsd:freebsd:postgresql96-server", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_96EAB8749C7911E8B34B6CC21735F730.NASL", "href": "https://www.tenable.com/plugins/nessus/111656", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111656);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:47\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"FreeBSD : PostgreSQL -- two vulnerabilities (96eab874-9c79-11e8-b34b-6cc21735f730)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PostgreSQL project reports :\n\nCVE-2018-10915: Certain host connection parameters defeat client-side\nsecurity defenses\n\nlibpq, the client connection API for PostgreSQL that is also used by\nother connection libraries, had an internal issue where it did not\nreset all of its connection state variables when attempting to\nreconnect. In particular, the state variable that determined whether\nor not a password is needed for a connection would not be reset, which\ncould allow users of features requiring libpq, such as the 'dblink' or\n'postgres_fdw' extensions, to login to servers they should not be able\nto access.\n\nCVE-2018-10925: Memory disclosure and missing authorization in `INSERT\n... ON CONFLICT DO UPDATE`\n\nAn attacker able to issue CREATE TABLE can read arbitrary bytes of\nserver memory using an upsert (`INSERT ... ON CONFLICT DO UPDATE`)\nquery. By default, any user can exploit that. A user that has specific\nINSERT privileges and an UPDATE privilege on at least one column in a\ngiven table can also update other columns using a view and an upsert\nquery.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1878/\"\n );\n # https://vuxml.freebsd.org/freebsd/96eab874-9c79-11e8-b34b-6cc21735f730.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d981a7b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"postgresql10-server<10.5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql96-server<9.6.10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql95-server<9.5.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql94-server<9.4.19\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql93-server<9.3.24\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-28T14:04:39", "description": "Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-10915)\n\nIt was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. (CVE-2018-10925).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PostgreSQL vulnerabilities (USN-3744-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:postgresql-10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-9.3", "p-cpe:/a:canonical:ubuntu_linux:postgresql-9.5", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-3744-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111844", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3744-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111844);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"USN\", value:\"3744-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PostgreSQL vulnerabilities (USN-3744-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Andrew Krasichkov discovered that the PostgreSQL client library\nincorrectly reset its internal state between connections. A remote\nattacker could possibly use this issue to bypass certain client-side\nconnection security features. This issue only affected Ubuntu 16.04\nLTS and Ubuntu 18.04 LTS. (CVE-2018-10915)\n\nIt was discovered that PostgreSQL incorrectly checked authorization on\ncertain statements. A remote attacker could possibly use this issue to\nread arbitrary server memory or alter certain data. (CVE-2018-10925).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3744-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected postgresql-10, postgresql-9.3 and / or\npostgresql-9.5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"postgresql-9.3\", pkgver:\"9.3.24-0ubuntu0.14.04\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"postgresql-9.5\", pkgver:\"9.5.14-0ubuntu0.16.04\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"postgresql-10\", pkgver:\"10.5-0ubuntu0.18.04\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-10 / postgresql-9.3 / postgresql-9.5\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:56:01", "description": "The version of PostgreSQL installed on the remote host is 9.3.x prior to 9.3.24, 9.4.x prior to 9.4.19, 9.5.x prior to 9.5.14, 9.6.x prior to 9.6.10, or 10.x prior to 10.5. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "PostgreSQL 9.3.x < 9.3.24 / 9.4.x < 9.4.19 / 9.5.x < 9.5.14 / 9.6.x < 9.6.10 / 10.x < 10.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20180809.NASL", "href": "https://www.tenable.com/plugins/nessus/111966", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111966);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_bugtraq_id(105052, 105054);\n\n script_name(english:\"PostgreSQL 9.3.x < 9.3.24 / 9.4.x < 9.4.19 / 9.5.x < 9.5.14 / 9.6.x < 9.6.10 / 10.x < 10.5 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.3.x prior\nto 9.3.24, 9.4.x prior to 9.4.19, 9.5.x prior to 9.5.14, 9.6.x prior\nto 9.6.10, or 10.x prior to 10.5. It is, therefore, affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1878/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-3-24.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/static/release-9-4-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-5-14.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/static/release-9-6-10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/static/release-10-5.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL version 9.3.24 / 9.4.19 / 9.5.14 /\n9.6.10 / 10.5 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgres_installed_windows.nbin\", \"postgres_installed_nix.nbin\", \"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432, \"installed_sw/PostgreSQL\");\n\n exit(0);\n}\n\ninclude('vcf_extras_postgresql.inc');\n\nvar app = 'PostgreSQL';\nvar win_local = TRUE;\n\nif (!get_kb_item('SMB/Registry/Enumerated'))\n win_local = FALSE;\n\nvar port = get_service(svc:'postgresql', default:5432);\nvar kb_base = 'database/' + port + '/postgresql/';\nvar kb_ver = NULL;\nvar kb_path = kb_base + 'version';\nvar ver = get_kb_item(kb_path);\nif (!empty_or_null(ver)) kb_ver = kb_path;\n\napp_info = vcf::postgresql::get_app_info(app:app, port:port, kb_ver:kb_ver, kb_base:kb_base, win_local:win_local);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\n# 9.3.24 / 9.4.19 / 9.5.14 / 9.6.10 / 10.5\nconstraints = [\n { \"min_version\" : \"9.3\", \"fixed_version\" : \"9.3.24\" },\n { \"min_version\" : \"9.4\", \"fixed_version\" : \"9.4.19\" },\n { \"min_version\" : \"9.5\", \"fixed_version\" : \"9.5.14\" },\n { \"min_version\" : \"9.6\", \"fixed_version\" : \"9.6.10\" },\n { \"min_version\" : \"10.0\", \"fixed_version\" : \"10.5\" }\n];\n\nvcf::postgresql::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:51:51", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-09-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql93 / postgresql94,postgresql95 (ALAS-2018-1079)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-10-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql93", "p-cpe:/a:amazon:linux:postgresql93-contrib", "p-cpe:/a:amazon:linux:postgresql93-debuginfo", "p-cpe:/a:amazon:linux:postgresql93-devel", "p-cpe:/a:amazon:linux:postgresql93-docs", "p-cpe:/a:amazon:linux:postgresql93-libs", "p-cpe:/a:amazon:linux:postgresql93-plperl", "p-cpe:/a:amazon:linux:postgresql93-plpython26", "p-cpe:/a:amazon:linux:postgresql93-plpython27", "p-cpe:/a:amazon:linux:postgresql93-pltcl", "p-cpe:/a:amazon:linux:postgresql93-server", "p-cpe:/a:amazon:linux:postgresql93-test", "p-cpe:/a:amazon:linux:postgresql94", "p-cpe:/a:amazon:linux:postgresql94-contrib", "p-cpe:/a:amazon:linux:postgresql94-debuginfo", "p-cpe:/a:amazon:linux:postgresql94-devel", "p-cpe:/a:amazon:linux:postgresql94-docs", "p-cpe:/a:amazon:linux:postgresql94-libs", "p-cpe:/a:amazon:linux:postgresql94-plperl", "p-cpe:/a:amazon:linux:postgresql94-plpython26", "p-cpe:/a:amazon:linux:postgresql94-plpython27", "p-cpe:/a:amazon:linux:postgresql94-server", "p-cpe:/a:amazon:linux:postgresql94-test", "p-cpe:/a:amazon:linux:postgresql95", "p-cpe:/a:amazon:linux:postgresql95-contrib", "p-cpe:/a:amazon:linux:postgresql95-debuginfo", "p-cpe:/a:amazon:linux:postgresql95-devel", "p-cpe:/a:amazon:linux:postgresql95-docs", "p-cpe:/a:amazon:linux:postgresql95-libs", "p-cpe:/a:amazon:linux:postgresql95-plperl", "p-cpe:/a:amazon:linux:postgresql95-plpython26", "p-cpe:/a:amazon:linux:postgresql95-plpython27", "p-cpe:/a:amazon:linux:postgresql95-server", "p-cpe:/a:amazon:linux:postgresql95-static", "p-cpe:/a:amazon:linux:postgresql95-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1079.NASL", "href": "https://www.tenable.com/plugins/nessus/117603", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1079.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117603);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/10/19 9:33:04\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"ALAS\", value:\"2018-1079\");\n\n script_name(english:\"Amazon Linux AMI : postgresql93 / postgresql94,postgresql95 (ALAS-2018-1079)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check\nauthorization on certain statements involved with 'INSERT ... ON\nCONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could\nexploit this to read arbitrary bytes server memory. If the attacker\nalso had certain 'INSERT' and limited 'UPDATE' privileges to a\nparticular table, they could exploit this to update other columns in\nthe same table.(CVE-2018-10925)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1079.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update postgresql93' to update your system.\n\nRun 'yum update postgresql94' to update your system.\n\nRun 'yum update postgresql95' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-contrib-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-debuginfo-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-devel-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-docs-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-libs-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plperl-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython26-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython27-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-pltcl-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-server-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-test-9.3.24-1.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-contrib-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-debuginfo-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-devel-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-docs-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-libs-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plperl-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython26-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython27-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-server-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-test-9.4.19-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-contrib-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-debuginfo-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-devel-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-docs-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-libs-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plperl-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython26-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython27-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-server-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-static-9.5.14-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-test-9.5.14-1.79.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql93 / postgresql93-contrib / postgresql93-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:50:46", "description": "update to 9.6.10, CVE-2018-10915 CVE-2018-10925\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-08-16T00:00:00", "type": "nessus", "title": "Fedora 27 : postgresql (2018-d8f5aea89d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-D8F5AEA89D.NASL", "href": "https://www.tenable.com/plugins/nessus/111770", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-d8f5aea89d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111770);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"FEDORA\", value:\"2018-d8f5aea89d\");\n\n script_name(english:\"Fedora 27 : postgresql (2018-d8f5aea89d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 9.6.10, CVE-2018-10915 CVE-2018-10925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-d8f5aea89d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"postgresql-9.6.10-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-01T16:48:09", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql95 (ALAS-2018-1118)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-05-31T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql95", "p-cpe:/a:amazon:linux:postgresql95-contrib", "p-cpe:/a:amazon:linux:postgresql95-debuginfo", "p-cpe:/a:amazon:linux:postgresql95-devel", "p-cpe:/a:amazon:linux:postgresql95-docs", "p-cpe:/a:amazon:linux:postgresql95-libs", "p-cpe:/a:amazon:linux:postgresql95-plperl", "p-cpe:/a:amazon:linux:postgresql95-plpython26", "p-cpe:/a:amazon:linux:postgresql95-plpython27", "p-cpe:/a:amazon:linux:postgresql95-server", "p-cpe:/a:amazon:linux:postgresql95-static", "p-cpe:/a:amazon:linux:postgresql95-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1118.NASL", "href": "https://www.tenable.com/plugins/nessus/119477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1118.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119477);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/31\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_xref(name:\"ALAS\", value:\"2018-1118\");\n\n script_name(english:\"Amazon Linux AMI : postgresql95 (ALAS-2018-1118)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check\nauthorization on certain statements involved with 'INSERT ... ON\nCONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could\nexploit this to read arbitrary bytes server memory. If the attacker\nalso had certain 'INSERT' and limited 'UPDATE' privileges to a\nparticular table, they could exploit this to update other columns in\nthe same table.(CVE-2018-10925)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1118.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update postgresql95' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-contrib-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-debuginfo-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-devel-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-docs-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-libs-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plperl-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython26-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython27-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-server-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-static-9.5.15-1.80.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-test-9.5.15-1.80.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql95 / postgresql95-contrib / postgresql95-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:54:26", "description": "This update for postgresql96 to 9.6.10 fixes the following issues :\n\nThese security issues were fixed :\n\nCVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202)\n\nFor addition details please see https://www.postgresql.org/docs/current/static/release-9-6-10.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-10-25T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:3377-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-02-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql96", "p-cpe:/a:novell:suse_linux:postgresql96-contrib", "p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-server", "p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3377-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118387", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3377-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118387);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/04\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:3377-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql96 to 9.6.10 fixes the following issues :\n\nThese security issues were fixed :\n\nCVE-2018-10915: libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq was used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could have bypassed client-side connection security\nfeatures, obtain access to higher privileged connections or\npotentially cause other impact SQL injection, by causing the\nPQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements\ninvolved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n'CREATE TABLE' privileges could have exploited this to read arbitrary\nbytes server memory. If the attacker also had certain 'INSERT' and\nlimited 'UPDATE' privileges to a particular table, they could have\nexploited this to update other columns in the same table (bsc#1104202)\n\nFor addition details please see\nhttps://www.postgresql.org/docs/current/static/release-9-6-10.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104202\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-10.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10925/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183377-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84828164\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-2427=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2427=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-2427=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-2427=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2427=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-2427=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-2427=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-2427=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2427=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-2427=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-contrib-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-contrib-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-debugsource-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-libs-debugsource-9.6.10-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-server-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql96-server-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"postgresql96-libs-debugsource-9.6.10-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-contrib-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-contrib-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-debugsource-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-server-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql96-server-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debugsource-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-libs-debugsource-9.6.10-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-contrib-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-contrib-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-debugsource-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-libs-debugsource-9.6.10-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-server-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql96-server-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debuginfo-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debugsource-9.6.10-3.22.7\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-libs-debugsource-9.6.10-3.22.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:55:28", "description": "This update for postgresql96 to 9.6.10 fixes the following issues :\n\nThese security issues were fixed :\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202)\n\nFor addition details please see https://www.postgresql.org/docs/current/static/release-9-6-10.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}, "published": "2018-10-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql96 (openSUSE-2018-1278)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql96", "p-cpe:/a:novell:opensuse:postgresql96-contrib", "p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-devel", "p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-plperl", "p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plpython", "p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-pltcl", "p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-server", "p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1278.NASL", "href": "https://www.tenable.com/plugins/nessus/118448", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1278.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118448);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"openSUSE Security Update : postgresql96 (openSUSE-2018-1278)\");\n script_summary(english:\"Check for the openSUSE-2018-1278 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql96 to 9.6.10 fixes the following issues :\n\nThese security issues were fixed :\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on\n certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'. An attacker with 'CREATE TABLE' privileges\n could have exploited this to read arbitrary bytes server\n memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they\n could have exploited this to update other columns in the\n same table (bsc#1104202)\n\nFor addition details please see\nhttps://www.postgresql.org/docs/current/static/release-9-6-10.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-10.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql96 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debugsource-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-libs-debugsource-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-debuginfo-9.6.10-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-test-9.6.10-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96-devel / postgresql96-devel-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:49:11", "description": "An update of 'krb5', 'postgresql' packages of Photon OS has been released.", "cvss3": {"score": 3.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"}, "published": "2018-08-31T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Krb5 / Postgresql PHSA-2018-2.0-0087 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-5730"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:krb5", "p-cpe:/a:vmware:photonos:postgresql", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2018-2_0-0087.NASL", "href": "https://www.tenable.com/plugins/nessus/112220", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-2.0-0087. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112220);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/02/07 18:59:51\");\n\n script_cve_id(\"CVE-2018-5730\", \"CVE-2018-10915\", \"CVE-2018-10925\");\n\n script_name(english:\"Photon OS 2.0: Krb5 / Postgresql PHSA-2018-2.0-0087 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of 'krb5', 'postgresql' packages of Photon OS has been\nreleased.\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5730\");\n # https://github.com/vmware/photon/wiki/Security-Updates-2-87\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f46375a5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:krb5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"krb5-1.16-2.ph2\",\n \"krb5-debuginfo-1.16-2.ph2\",\n \"krb5-devel-1.16-2.ph2\",\n \"krb5-lang-1.16-2.ph2\",\n \"postgresql-9.6.10-1.ph2\",\n \"postgresql-debuginfo-9.6.10-1.ph2\",\n \"postgresql-devel-9.6.10-1.ph2\",\n \"postgresql-libs-9.6.10-1.ph2\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"krb5 / postgresql\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-05-15T13:58:36", "description": "This update for postgresql96, postgresql10 and postgresql12 fixes the following issues :\n\npostgresql10 was updated to 10.13 (bsc#1171924).\n\nhttps://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html\n\npostgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n- https://www.postgresql.org/about/news/2011/\n\n- https://www.postgresql.org/docs/10/release-10-12.html\n\npostgresql10 was updated to 10.11 :\n\n- https://www.postgresql.org/about/news/1994/\n\n- https://www.postgresql.org/docs/10/release-10-11.html\n\npostgresql12 was updated to 12.3 (bsc#1171924).\n\nBug Fixes and Improvements :\n\n - Several fixes for GENERATED columns, including an issue where it was possible to crash or corrupt data in a table when the output of the generated column was the exact copy of a physical column on the table, e.g. if the expression called a function which could return its own input.\n\n - Several fixes for ALTER TABLE, including ensuring the SET STORAGE directive is propagated to a table's indexes.\n\n - Fix a potential race condition when using DROP OWNED BY while another session is deleting the same objects.\n\n - Allow for a partition to be detached when it has inherited ROW triggers.\n\n - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a REINDEX CONCURRENTLY operation fails.\n\n - Fix crash when COLLATE is applied to an uncollatable type in a partition bound expression.\n\n - Fix performance regression in floating point overflow/underflow detection.\n\n - Several fixes for full text search, particularly with phrase searching.\n\n - Fix query-lifespan memory leak for a set-returning function used in a query's FROM clause.\n\n - Several reporting fixes for the output of VACUUM VERBOSE.\n\n - Allow input of type circle to accept the format (x,y),r, which is specified in the documentation.\n\n - Allow for the get_bit() and set_bit() functions to not fail on bytea strings longer than 256MB.\n\n - Avoid premature recycling of WAL segments during crash recovery, which could lead to WAL segments being recycled before being archived.\n\n - Avoid attempting to fetch nonexistent WAL files from archive storage during recovery by skipping irrelevant timelines.\n\n - Several fixes for logical replication and replication slots.\n\n - Fix several race conditions in synchronous standby management, including one that occurred when changing the synchronous_standby_names setting.\n\n - Several fixes for GSSAPI support, include a fix for a memory leak that occurred when using GSSAPI encryption.\n\n - Ensure that members of the pg_read_all_stats role can read all statistics views.\n\n - Fix performance regression in information_schema.triggers view.\n\n - Fix memory leak in libpq when using sslmode=verify-full.\n\n - Fix crash in psql when attempting to re-establish a failed connection.\n\n - Allow tab-completion of the filename argument to \\gx command in psql.\n\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n\n - Several other fixes for pg_dump, which include dumping comments on RLS policies and postponing restore of event triggers until the end.\n\n - Ensure pg_basebackup generates valid tar files.\n\n - pg_checksums skips tablespace subdirectories that belong to a different PostgreSQL major version\n\n - Several Windows compatibility fixes\n\nThis update also contains timezone tzdata release 2020a for DST law changes in Morocco and the Canadian Yukon, plus historical corrections for Shanghai. The America/Godthab zone has been renamed to America/Nuuk to reflect current English usage ; however, the old name remains available as a compatibility link. This also updates initdb's list of known Windows time zone names to include recent additions.\n\nFor more details, check out :\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\nOther fixes :\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.\n\npostgresql96 was updated to 9.6.19 :\n\n - CVE-2020-14350, boo#1175194: Make contrib modules' installation scripts more secure.\n\n - https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main package.\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/9.6/release-9-6-18.html\n\n - Unify the spec file to work across all current PostgreSQL versions to simplify future maintenance.\n\n - Move from the 'libs' build flavour to a 'mini' package that will only be used inside the build service and not get shipped, to avoid confusion with the debuginfo packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985) https://www.postgresql.org/about/news/2011/ https://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16:\n https://www.postgresql.org/about/news/1994/ https://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are returned by pg_config --libs\n\n - Update to 9.6.15 :\n\n - https://www.postgresql.org/about/news/1960/\n\n - https://www.postgresql.org/docs/9.6/release-9-6-15.html\n\n - CVE-2019-10208, boo#1145092: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static library.\n\n - Update to 9.6.14:\n https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-13.html\n\n - https://www.postgresql.org/about/news/1939/\n\n - CVE-2019-10130, boo#1134689: Prevent row-level security policies from being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-12.html\n\n - https://www.postgresql.org/about/news/1920/\n\n - By default, panic instead of retrying after fsync() failure, to avoid possible data corruption.\n\n - Numerous other bug fixes.\n\n - Overhaul README.SUSE\n\n - Update to 9.6.11 :\n\n - Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n\n - Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will be introduced in postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9\n -6-10.html\n\n - CVE-2018-10915, boo#1104199: Fix failure to reset libpq's state fully between connection attempts.\n\n - CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT UPDATE through a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9:\n https://www.postgresql.org/about/news/1851/ https://www.postgresql.org/docs/current/static/release-9\n -6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\n - CVE-2018-1115, boo#1091610: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed.\n\n - Fix incorrect volatility markings on a few built-in functions\n\n - Fix incorrect parallel-safety markings on a few built-in functions.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-08-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql96 / postgresql10 and postgresql12 (openSUSE-2020-1227)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115", "CVE-2019-10130", "CVE-2019-10208", "CVE-2020-14350", "CVE-2020-1720"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-llvmjit", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-devel", "p-cpe:/a:novell:opensuse:postgresql-test", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "p-cpe:/a:novell:opensuse:postgresql12", "p-cpe:/a:novell:opensuse:postgresql12-contrib", "p-cpe:/a:novell:opensuse:postgresql12-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-debugsource", "p-cpe:/a:novell:opensuse:postgresql12-devel", "p-cpe:/a:novell:opensuse:postgresql12-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-plperl", "p-cpe:/a:novell:opensuse:postgresql12-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-plpython", "p-cpe:/a:novell:opensuse:postgresql12-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-pltcl", "p-cpe:/a:novell:opensuse:postgresql12-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-server", "p-cpe:/a:novell:opensuse:postgresql12-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-server-devel", "p-cpe:/a:novell:opensuse:postgresql12-server-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-test", "p-cpe:/a:novell:opensuse:postgresql96", "p-cpe:/a:novell:opensuse:postgresql96-contrib", "p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-devel", "p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plperl", "p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plpython", "p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-pltcl", "p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-server", "p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-test", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1227.NASL", "href": "https://www.tenable.com/plugins/nessus/139655", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1227.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139655);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\", \"CVE-2019-10130\", \"CVE-2019-10208\", \"CVE-2020-14350\", \"CVE-2020-1720\");\n script_xref(name:\"IAVB\", value:\"2020-B-0047-S\");\n\n script_name(english:\"openSUSE Security Update : postgresql96 / postgresql10 and postgresql12 (openSUSE-2020-1227)\");\n script_summary(english:\"Check for the openSUSE-2020-1227 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql96, postgresql10 and postgresql12 fixes the\nfollowing issues :\n\npostgresql10 was updated to 10.13 (bsc#1171924).\n\nhttps://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/10/release-10-13.html\n\npostgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n- https://www.postgresql.org/about/news/2011/\n\n- https://www.postgresql.org/docs/10/release-10-12.html\n\npostgresql10 was updated to 10.11 :\n\n- https://www.postgresql.org/about/news/1994/\n\n- https://www.postgresql.org/docs/10/release-10-11.html\n\npostgresql12 was updated to 12.3 (bsc#1171924).\n\nBug Fixes and Improvements :\n\n - Several fixes for GENERATED columns, including an issue\n where it was possible to crash or corrupt data in a\n table when the output of the generated column was the\n exact copy of a physical column on the table, e.g. if\n the expression called a function which could return its\n own input.\n\n - Several fixes for ALTER TABLE, including ensuring the\n SET STORAGE directive is propagated to a table's\n indexes.\n\n - Fix a potential race condition when using DROP OWNED BY\n while another session is deleting the same objects.\n\n - Allow for a partition to be detached when it has\n inherited ROW triggers.\n\n - Several fixes for REINDEX CONCURRENTLY, particularly\n with issues when a REINDEX CONCURRENTLY operation fails.\n\n - Fix crash when COLLATE is applied to an uncollatable\n type in a partition bound expression.\n\n - Fix performance regression in floating point\n overflow/underflow detection.\n\n - Several fixes for full text search, particularly with\n phrase searching.\n\n - Fix query-lifespan memory leak for a set-returning\n function used in a query's FROM clause.\n\n - Several reporting fixes for the output of VACUUM\n VERBOSE.\n\n - Allow input of type circle to accept the format (x,y),r,\n which is specified in the documentation.\n\n - Allow for the get_bit() and set_bit() functions to not\n fail on bytea strings longer than 256MB.\n\n - Avoid premature recycling of WAL segments during crash\n recovery, which could lead to WAL segments being\n recycled before being archived.\n\n - Avoid attempting to fetch nonexistent WAL files from\n archive storage during recovery by skipping irrelevant\n timelines.\n\n - Several fixes for logical replication and replication\n slots.\n\n - Fix several race conditions in synchronous standby\n management, including one that occurred when changing\n the synchronous_standby_names setting.\n\n - Several fixes for GSSAPI support, include a fix for a\n memory leak that occurred when using GSSAPI encryption.\n\n - Ensure that members of the pg_read_all_stats role can\n read all statistics views.\n\n - Fix performance regression in\n information_schema.triggers view.\n\n - Fix memory leak in libpq when using sslmode=verify-full.\n\n - Fix crash in psql when attempting to re-establish a\n failed connection.\n\n - Allow tab-completion of the filename argument to \\gx\n command in psql.\n\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n\n - Several other fixes for pg_dump, which include dumping\n comments on RLS policies and postponing restore of event\n triggers until the end.\n\n - Ensure pg_basebackup generates valid tar files.\n\n - pg_checksums skips tablespace subdirectories that belong\n to a different PostgreSQL major version\n\n - Several Windows compatibility fixes\n\nThis update also contains timezone tzdata release 2020a for DST law\nchanges in Morocco and the Canadian Yukon, plus historical corrections\nfor Shanghai. The America/Godthab zone has been renamed to\nAmerica/Nuuk to reflect current English usage ; however, the old name\nremains available as a compatibility link. This also updates initdb's\nlist of known Windows time zone names to include recent additions.\n\nFor more details, check out :\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\nOther fixes :\n\n - Let postgresqlXX conflict with postgresql-noarch <\n 12.0.1 to get a clean and complete cutover to the new\n packaging schema.\n\npostgresql96 was updated to 9.6.19 :\n\n - CVE-2020-14350, boo#1175194: Make contrib modules'\n installation scripts more secure.\n\n - https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main\n package.\n\n - Let postgresqlXX conflict with postgresql-noarch <\n 12.0.1 to get a clean and complete cutover to the new\n packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/\n https://www.postgresql.org/docs/9.6/release-9-6-18.html\n\n - Unify the spec file to work across all current\n PostgreSQL versions to simplify future maintenance.\n\n - Move from the 'libs' build flavour to a 'mini' package\n that will only be used inside the build service and not\n get shipped, to avoid confusion with the debuginfo\n packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985)\n https://www.postgresql.org/about/news/2011/\n https://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16:\n https://www.postgresql.org/about/news/1994/\n https://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are\n returned by pg_config --libs\n\n - Update to 9.6.15 :\n\n - https://www.postgresql.org/about/news/1960/\n\n - https://www.postgresql.org/docs/9.6/release-9-6-15.html\n\n - CVE-2019-10208, boo#1145092: TYPE in pg_temp executes\n arbitrary SQL during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static\n library.\n\n - Update to 9.6.14:\n https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-13.html\n\n - https://www.postgresql.org/about/news/1939/\n\n - CVE-2019-10130, boo#1134689: Prevent row-level security\n policies from being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-12.html\n\n - https://www.postgresql.org/about/news/1920/\n\n - By default, panic instead of retrying after fsync()\n failure, to avoid possible data corruption.\n\n - Numerous other bug fixes.\n\n - Overhaul README.SUSE\n\n - Update to 9.6.11 :\n\n - Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n\n - Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will\n be introduced in postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9\n -6-10.html\n\n - CVE-2018-10915, boo#1104199: Fix failure to reset\n libpq's state fully between connection attempts.\n\n - CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT\n UPDATE through a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9:\n https://www.postgresql.org/about/news/1851/\n https://www.postgresql.org/docs/current/static/release-9\n -6-9.html A dump/restore is not required for those\n running 9.6.X. However, if you use the adminpack\n extension, you should update it as per the first\n changelog entry below. Also, if the function marking\n mistakes mentioned in the second and third changelog\n entries below affect you, you will want to take steps to\n correct your database catalogs.\n\n - CVE-2018-1115, boo#1091610: Remove public execute\n privilege from contrib/adminpack's pg_logfile_rotate()\n function pg_logfile_rotate() is a deprecated wrapper for\n the core function pg_rotate_logfile(). When that\n function was changed to rely on SQL privileges for\n access control rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed.\n\n - Fix incorrect volatility markings on a few built-in\n functions\n\n - Fix incorrect parallel-safety markings on a few built-in\n functions.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1920/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1939/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1960/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1994/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/2011/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/2038/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/12/release-12-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-17.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-19.html\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-10.html\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected postgresql96 / postgresql10 and postgresql12 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10208\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-contrib-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-devel-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-llvmjit-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-plperl-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-plpython-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-pltcl-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-server-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-server-devel-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-test-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-contrib-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-contrib-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-debugsource-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-devel-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-devel-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plperl-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plperl-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plpython-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plpython-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-pltcl-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-pltcl-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-server-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-server-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-test-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-contrib-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-contrib-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-debugsource-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-devel-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-devel-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plperl-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plperl-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plpython-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plpython-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-pltcl-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-pltcl-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-server-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-server-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-test-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libecpg6-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpq5-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-contrib-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-contrib-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-debugsource-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-devel-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-devel-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-llvmjit-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-llvmjit-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plperl-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plperl-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plpython-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plpython-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-pltcl-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-pltcl-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-devel-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-devel-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-test-12.3-lp151.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:48:48", "description": "An update of 'python2', 'strongswan', 'python3', 'postgresql' packages of Photon OS has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-08-31T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Postgresql / Python2 / Python3 / Strongswan PHSA-2018-1.0-0178 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1060", "CVE-2018-1061", "CVE-2018-10811", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:postgresql", "p-cpe:/a:vmware:photonos:python2", "p-cpe:/a:vmware:photonos:python3", "p-cpe:/a:vmware:photonos:strongswan", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0178.NASL", "href": "https://www.tenable.com/plugins/nessus/112221", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0178. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112221);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2018-1060\",\n \"CVE-2018-1061\",\n \"CVE-2018-10811\",\n \"CVE-2018-10915\",\n \"CVE-2018-10925\"\n );\n\n script_name(english:\"Photon OS 1.0: Postgresql / Python2 / Python3 / Strongswan PHSA-2018-1.0-0178 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of 'python2', 'strongswan', 'python3', 'postgresql' packages\nof Photon OS has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-178\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1060\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:strongswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"postgresql-9.6.10-1.ph1\",\n \"postgresql-debuginfo-9.6.10-1.ph1\",\n \"postgresql-devel-9.6.10-1.ph1\",\n \"postgresql-libs-9.6.10-1.ph1\",\n \"python2-2.7.15-1.ph1\",\n \"python2-debuginfo-2.7.15-1.ph1\",\n \"python2-devel-2.7.15-1.ph1\",\n \"python2-libs-2.7.15-1.ph1\",\n \"python2-tools-2.7.15-1.ph1\",\n \"python3-3.5.5-2.ph1\",\n \"python3-debuginfo-3.5.5-2.ph1\",\n \"python3-devel-3.5.5-2.ph1\",\n \"python3-libs-3.5.5-2.ph1\",\n \"python3-tools-3.5.5-2.ph1\",\n \"strongswan-5.5.2-3.ph1\",\n \"strongswan-debuginfo-5.5.2-3.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / python2 / python3 / strongswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T15:59:55", "description": "This update for postgresql94 to 9.4.19 fixes the following security issue :\n\nCVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199).\n\nA dump/restore is not required for this update unless you use the functions query_to_xml, cursor_to_xml, cursor_to_xmlschema, query_to_xmlschema, and query_to_xml_and_xmlschema. In this case please see the first entry of https://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-27T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : postgresql94 (SUSE-SU-2018:3909-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-07-01T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql94", "p-cpe:/a:novell:suse_linux:postgresql94-contrib", "p-cpe:/a:novell:suse_linux:postgresql94-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql94-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql94-debugsource", "p-cpe:/a:novell:suse_linux:postgresql94-server", "p-cpe:/a:novell:suse_linux:postgresql94-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119212", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3909-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119212);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/01\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"SUSE SLES12 Security Update : postgresql94 (SUSE-SU-2018:3909-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql94 to 9.4.19 fixes the following security\nissue :\n\nCVE-2018-10915: libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq was used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could have bypassed client-side connection security\nfeatures, obtain access to higher privileged connections or\npotentially cause other impact SQL injection, by causing the\nPQescape() functions to malfunction (bsc#1104199).\n\nA dump/restore is not required for this update unless you use the\nfunctions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\nquery_to_xmlschema, and query_to_xml_and_xmlschema. In this case\nplease see the first entry of\nhttps://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104199\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10915/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183909-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?62028ee3\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-2779=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-2779=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-2779=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-2779=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-2779=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-2779=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-2779=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-contrib-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-contrib-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-debugsource-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-server-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"postgresql94-server-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-contrib-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-contrib-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-debugsource-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-server-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql94-server-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-contrib-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-contrib-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-debuginfo-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-debugsource-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-server-9.4.19-21.22.7\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-server-debuginfo-9.4.19-21.22.7\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:53:29", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : postgresql (ALAS-2018-1080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2022-03-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql", "p-cpe:/a:amazon:linux:postgresql-contrib", "p-cpe:/a:amazon:linux:postgresql-debuginfo", "p-cpe:/a:amazon:linux:postgresql-devel", "p-cpe:/a:amazon:linux:postgresql-docs", "p-cpe:/a:amazon:linux:postgresql-libs", "p-cpe:/a:amazon:linux:postgresql-plperl", "p-cpe:/a:amazon:linux:postgresql-plpython", "p-cpe:/a:amazon:linux:postgresql-pltcl", "p-cpe:/a:amazon:linux:postgresql-server", "p-cpe:/a:amazon:linux:postgresql-static", "p-cpe:/a:amazon:linux:postgresql-test", "p-cpe:/a:amazon:linux:postgresql-upgrade", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1080.NASL", "href": "https://www.tenable.com/plugins/nessus/117709", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1080.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117709);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/21\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"ALAS\", value:\"2018-1080\");\n\n script_name(english:\"Amazon Linux 2 : postgresql (ALAS-2018-1080)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1080.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update postgresql' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-contrib-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-debuginfo-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-devel-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-docs-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-libs-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-plperl-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-plpython-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-pltcl-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-server-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-static-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-test-9.2.24-1.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"postgresql-upgrade-9.2.24-1.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:53:18", "description": "According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : postgresql (EulerOS-SA-2018-1312)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2022-03-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1312.NASL", "href": "https://www.tenable.com/plugins/nessus/117755", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117755);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/03\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"EulerOS 2.0 SP3 : postgresql (EulerOS-SA-2018-1312)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - postgresql: Certain host connection parameters defeat\n client-side security defenses (CVE-2018-10915)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1312\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4d48a8f0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-9.2.24-1\",\n \"postgresql-contrib-9.2.24-1\",\n \"postgresql-devel-9.2.24-1\",\n \"postgresql-docs-9.2.24-1\",\n \"postgresql-libs-9.2.24-1\",\n \"postgresql-plperl-9.2.24-1\",\n \"postgresql-plpython-9.2.24-1\",\n \"postgresql-pltcl-9.2.24-1\",\n \"postgresql-server-9.2.24-1\",\n \"postgresql-test-9.2.24-1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:10", "description": "According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2018-1311)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2022-03-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1311.NASL", "href": "https://www.tenable.com/plugins/nessus/117754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117754);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/03\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2018-1311)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - postgresql: Certain host connection parameters defeat\n client-side security defenses (CVE-2018-10915)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1311\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1464f574\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-9.2.24-1\",\n \"postgresql-contrib-9.2.24-1\",\n \"postgresql-devel-9.2.24-1\",\n \"postgresql-docs-9.2.24-1\",\n \"postgresql-libs-9.2.24-1\",\n \"postgresql-plperl-9.2.24-1\",\n \"postgresql-plpython-9.2.24-1\",\n \"postgresql-pltcl-9.2.24-1\",\n \"postgresql-server-9.2.24-1\",\n \"postgresql-test-9.2.24-1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:48:52", "description": "An update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Andrew Krasichkov as the original reporter.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-29T00:00:00", "type": "nessus", "title": "CentOS 7 : postgresql (CESA-2018:2557)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-static", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql-upgrade", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2018-2557.NASL", "href": "https://www.tenable.com/plugins/nessus/112163", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2557 and \n# CentOS Errata and Security Advisory 2018:2557 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112163);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"RHSA\", value:\"2018:2557\");\n\n script_name(english:\"CentOS 7 : postgresql (CESA-2018:2557)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side\nsecurity defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this\nissue. Upstream acknowledges Andrew Krasichkov as the original\nreporter.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-August/023017.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa5ea80b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.24-1.el7_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:52", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-20T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql92 (ALAS-2018-1080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2018-10-10T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql92", "p-cpe:/a:amazon:linux:postgresql92-contrib", "p-cpe:/a:amazon:linux:postgresql92-debuginfo", "p-cpe:/a:amazon:linux:postgresql92-devel", "p-cpe:/a:amazon:linux:postgresql92-docs", "p-cpe:/a:amazon:linux:postgresql92-libs", "p-cpe:/a:amazon:linux:postgresql92-plperl", "p-cpe:/a:amazon:linux:postgresql92-plpython26", "p-cpe:/a:amazon:linux:postgresql92-plpython27", "p-cpe:/a:amazon:linux:postgresql92-pltcl", "p-cpe:/a:amazon:linux:postgresql92-server", "p-cpe:/a:amazon:linux:postgresql92-server-compat", "p-cpe:/a:amazon:linux:postgresql92-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1080.NASL", "href": "https://www.tenable.com/plugins/nessus/117604", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1080.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117604);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/10/10 10:09:32\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"ALAS\", value:\"2018-1080\");\n\n script_name(english:\"Amazon Linux AMI : postgresql92 (ALAS-2018-1080)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1080.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql92' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-server-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-contrib-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-debuginfo-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-devel-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-docs-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-libs-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plperl-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plpython26-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plpython27-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-pltcl-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-server-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-server-compat-9.2.24-2.66.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-test-9.2.24-2.66.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql92 / postgresql92-contrib / postgresql92-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:49:28", "description": "An unprivileged user of dblink or postgres_fdw could bypass the checks intended to prevent use of server-side credentials, such as a ~/.pgpass file owned by the operating-system user running the server.\nServers allowing peer authentication on local connections are particularly vulnerable. Other attacks such as SQL injection into a postgres_fdw session are also possible. Attacking postgres_fdw in this way requires the ability to create a foreign server object with selected connection parameters, but any user with access to dblink could exploit the problem. In general, an attacker with the ability to select the connection parameters for a libpq-using application could cause mischief, though other plausible attack scenarios are harder to think of. Our thanks to Andrew Krasichkov for reporting this issue.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 9.4.19-0+deb8u1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-16T00:00:00", "type": "nessus", "title": "Debian DLA-1464-1 : postgresql-9.4 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libecpg-compat3", "p-cpe:/a:debian:debian_linux:libecpg-dev", "p-cpe:/a:debian:debian_linux:libecpg6", "p-cpe:/a:debian:debian_linux:libpgtypes3", "p-cpe:/a:debian:debian_linux:libpq-dev", "p-cpe:/a:debian:debian_linux:libpq5", "p-cpe:/a:debian:debian_linux:postgresql-9.4", "p-cpe:/a:debian:debian_linux:postgresql-9.4-dbg", "p-cpe:/a:debian:debian_linux:postgresql-client-9.4", "p-cpe:/a:debian:debian_linux:postgresql-contrib-9.4", "p-cpe:/a:debian:debian_linux:postgresql-doc-9.4", "p-cpe:/a:debian:debian_linux:postgresql-plperl-9.4", "p-cpe:/a:debian:debian_linux:postgresql-plpython-9.4", "p-cpe:/a:debian:debian_linux:postgresql-plpython3-9.4", "p-cpe:/a:debian:debian_linux:postgresql-pltcl-9.4", "p-cpe:/a:debian:debian_linux:postgresql-server-dev-9.4", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1464.NASL", "href": "https://www.tenable.com/plugins/nessus/111762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1464-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111762);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"Debian DLA-1464-1 : postgresql-9.4 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An unprivileged user of dblink or postgres_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a\n~/.pgpass file owned by the operating-system user running the server.\nServers allowing peer authentication on local connections are\nparticularly vulnerable. Other attacks such as SQL injection into a\npostgres_fdw session are also possible. Attacking postgres_fdw in this\nway requires the ability to create a foreign server object with\nselected connection parameters, but any user with access to dblink\ncould exploit the problem. In general, an attacker with the ability to\nselect the connection parameters for a libpq-using application could\ncause mischief, though other plausible attack scenarios are harder to\nthink of. Our thanks to Andrew Krasichkov for reporting this issue.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n9.4.19-0+deb8u1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/08/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/postgresql-9.4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-compat3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpgtypes3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-client-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-contrib-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-doc-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plperl-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plpython-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plpython3-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-pltcl-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-server-dev-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libecpg-compat3\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libecpg-dev\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libecpg6\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpgtypes3\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpq-dev\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpq5\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-9.4-dbg\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-client-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-contrib-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-doc-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plperl-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plpython-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plpython3-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-pltcl-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-server-dev-9.4\", reference:\"9.4.19-0+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:49:57", "description": "An update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Andrew Krasichkov as the original reporter.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-24T00:00:00", "type": "nessus", "title": "RHEL 7 : postgresql (RHSA-2018:2557)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-static", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2018-2557.NASL", "href": "https://www.tenable.com/plugins/nessus/112104", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2557. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112104);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"RHSA\", value:\"2018:2557\");\n\n script_name(english:\"RHEL 7 : postgresql (RHSA-2018:2557)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side\nsecurity defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this\nissue. Upstream acknowledges Andrew Krasichkov as the original\nreporter.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10915\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2557\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-contrib-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-debuginfo-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-devel-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-docs-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-libs-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plperl-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plpython-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-pltcl-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-server-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-static-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-test-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-upgrade-9.2.24-1.el7_5\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.24-1.el7_5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:49:09", "description": "The following packages have been upgraded to a later upstream version:\npostgresql (9.2.24).\n\nSecurity Fix(es) :\n\n - postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-24T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql on SL7.x x86_64 (20180823)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-static", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "p-cpe:/a:fermilab:scientific_linux:postgresql-upgrade", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180823_POSTGRESQL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/112105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112105);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL7.x x86_64 (20180823)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following packages have been upgraded to a later upstream version:\npostgresql (9.2.24).\n\nSecurity Fix(es) :\n\n - postgresql: Certain host connection parameters defeat\n client-side security defenses (CVE-2018-10915)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1808&L=scientific-linux-errata&F=&S=&P=9766\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd9f3e79\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-debuginfo-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.24-1.el7_5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:50:41", "description": "From Red Hat Security Advisory 2018:2557 :\n\nAn update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Andrew Krasichkov as the original reporter.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-24T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : postgresql (ELSA-2018-2557)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2019-09-27T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-static", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql-upgrade", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-2557.NASL", "href": "https://www.tenable.com/plugins/nessus/112103", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:2557 and \n# Oracle Linux Security Advisory ELSA-2018-2557 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112103);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/27 13:00:38\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"RHSA\", value:\"2018:2557\");\n\n script_name(english:\"Oracle Linux 7 : postgresql (ELSA-2018-2557)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:2557 :\n\nAn update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es) :\n\n* postgresql: Certain host connection parameters defeat client-side\nsecurity defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this\nissue. Upstream acknowledges Andrew Krasichkov as the original\nreporter.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-August/008006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.24-1.el7_5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.24-1.el7_5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T16:02:27", "description": "This update for postgresql94 to 9.4.19 fixes the following security issue :\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199).\n\nA dump/restore is not required for this update unless you use the functions query_to_xml, cursor_to_xml, cursor_to_xmlschema, query_to_xmlschema, and query_to_xml_and_xmlschema. In this case please see the first entry of https://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql94 (openSUSE-2018-1482)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql94", "p-cpe:/a:novell:opensuse:postgresql94-contrib", "p-cpe:/a:novell:opensuse:postgresql94-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-debugsource", "p-cpe:/a:novell:opensuse:postgresql94-devel", "p-cpe:/a:novell:opensuse:postgresql94-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql94-plperl", "p-cpe:/a:novell:opensuse:postgresql94-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-plpython", "p-cpe:/a:novell:opensuse:postgresql94-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-pltcl", "p-cpe:/a:novell:opensuse:postgresql94-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-server", "p-cpe:/a:novell:opensuse:postgresql94-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1482.NASL", "href": "https://www.tenable.com/plugins/nessus/119490", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1482.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119490);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"openSUSE Security Update : postgresql94 (openSUSE-2018-1482)\");\n script_summary(english:\"Check for the openSUSE-2018-1482 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql94 to 9.4.19 fixes the following security\nissue :\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199).\n\nA dump/restore is not required for this update unless you use the\nfunctions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\nquery_to_xmlschema, and query_to_xml_and_xmlschema. In this case\nplease see the first entry of\nhttps://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-18.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql94 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-contrib-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-contrib-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-debugsource-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-devel-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-devel-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-libs-debugsource-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plperl-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plperl-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plpython-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plpython-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-pltcl-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-pltcl-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-server-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-server-debuginfo-9.4.19-24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-test-9.4.19-24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94-devel / postgresql94-devel-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T16:02:01", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql93 / postgresql94 (ALAS-2018-1117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-06-09T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql93", "p-cpe:/a:amazon:linux:postgresql93-contrib", "p-cpe:/a:amazon:linux:postgresql93-debuginfo", "p-cpe:/a:amazon:linux:postgresql93-devel", "p-cpe:/a:amazon:linux:postgresql93-docs", "p-cpe:/a:amazon:linux:postgresql93-libs", "p-cpe:/a:amazon:linux:postgresql93-plperl", "p-cpe:/a:amazon:linux:postgresql93-plpython26", "p-cpe:/a:amazon:linux:postgresql93-plpython27", "p-cpe:/a:amazon:linux:postgresql93-pltcl", "p-cpe:/a:amazon:linux:postgresql93-server", "p-cpe:/a:amazon:linux:postgresql93-test", "p-cpe:/a:amazon:linux:postgresql94", "p-cpe:/a:amazon:linux:postgresql94-contrib", "p-cpe:/a:amazon:linux:postgresql94-debuginfo", "p-cpe:/a:amazon:linux:postgresql94-devel", "p-cpe:/a:amazon:linux:postgresql94-docs", "p-cpe:/a:amazon:linux:postgresql94-libs", "p-cpe:/a:amazon:linux:postgresql94-plperl", "p-cpe:/a:amazon:linux:postgresql94-plpython26", "p-cpe:/a:amazon:linux:postgresql94-plpython27", "p-cpe:/a:amazon:linux:postgresql94-server", "p-cpe:/a:amazon:linux:postgresql94-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1117.NASL", "href": "https://www.tenable.com/plugins/nessus/119476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1117.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119476);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2018-10915\");\n script_xref(name:\"ALAS\", value:\"2018-1117\");\n\n script_name(english:\"Amazon Linux AMI : postgresql93 / postgresql94 (ALAS-2018-1117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1117.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update postgresql93' to update your system.\n\nRun 'yum update postgresql94' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-contrib-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-debuginfo-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-devel-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-docs-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-libs-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plperl-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython26-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython27-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-pltcl-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-server-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-test-9.3.25-1.72.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-contrib-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-debuginfo-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-devel-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-docs-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-libs-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plperl-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython26-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython27-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-server-9.4.20-1.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-test-9.4.20-1.76.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql93 / postgresql93-contrib / postgresql93-debuginfo / etc\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:53:50", "description": "This update for postgresql94 fixes the following issues :\n\npostgresql was updated to 9.4.19 :\n\nhttps://www.postgresql.org/docs/current/static/release-9-4-19.html\n\n - CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state fully between connection attempts.\n\npostgresql was updated to 9.4.18 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-9-4-18.html A dump/restore is not required for those running 9.4.X. However, if the function marking mistakes mentioned in the first changelog entry below affect you, you will want to take steps to correct your database catalogs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-10-23T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2018:3287-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:postgresql94", "p-cpe:/a:novell:suse_linux:postgresql94-contrib", "p-cpe:/a:novell:suse_linux:postgresql94-docs", "p-cpe:/a:novell:suse_linux:postgresql94-server", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-3287-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118320", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3287-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118320);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2018:3287-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql94 fixes the following issues :\n\npostgresql was updated to 9.4.19 :\n\nhttps://www.postgresql.org/docs/current/static/release-9-4-19.html\n\n - CVE-2018-10915, bsc#1104199: Fix failure to reset\n libpq's state fully between connection attempts.\n\npostgresql was updated to 9.4.18 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-9-4-18.html A\ndump/restore is not required for those running 9.4.X. However, if the\nfunction marking mistakes mentioned in the first changelog entry below\naffect you, you will want to take steps to correct your database\ncatalogs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-4-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-4-18.html\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-4-19.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-4-19.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10915/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183287-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4db4b0f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-postgresql94-13829=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-postgresql94-13829=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-postgresql94-13829=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libpq5-32bit-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libecpg6-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libpq5-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-contrib-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-docs-9.4.19-0.23.19.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-server-9.4.19-0.23.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:35:05", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has postgresql packages installed that are affected by a vulnerability:\n\n - A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with host or hostaddr connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.\n (CVE-2018-10915)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : postgresql Vulnerability (NS-SA-2019-0036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0036_POSTGRESQL.NASL", "href": "https://www.tenable.com/plugins/nessus/127207", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0036. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127207);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-10915\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : postgresql Vulnerability (NS-SA-2019-0036)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has postgresql packages installed that are\naffected by a vulnerability:\n\n - A vulnerability was found in libpq, the default\n PostgreSQL client library where libpq failed to properly\n reset its internal state between connections. If an\n affected version of libpq were used with host or\n hostaddr connection parameters from untrusted input,\n attackers could bypass client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact through SQL injection,\n by causing the PQescape() functions to malfunction.\n (CVE-2018-10915)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0036\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL postgresql packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10915\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"postgresql-9.2.24-1.el7_5\",\n \"postgresql-contrib-9.2.24-1.el7_5\",\n \"postgresql-debuginfo-9.2.24-1.el7_5\",\n \"postgresql-devel-9.2.24-1.el7_5\",\n \"postgresql-docs-9.2.24-1.el7_5\",\n \"postgresql-libs-9.2.24-1.el7_5\",\n \"postgresql-plperl-9.2.24-1.el7_5\",\n \"postgresql-plpython-9.2.24-1.el7_5\",\n \"postgresql-pltcl-9.2.24-1.el7_5\",\n \"postgresql-server-9.2.24-1.el7_5\",\n \"postgresql-static-9.2.24-1.el7_5\",\n \"postgresql-test-9.2.24-1.el7_5\",\n \"postgresql-upgrade-9.2.24-1.el7_5\"\n ],\n \"CGSL MAIN 5.04\": [\n \"postgresql-9.2.24-1.el7_5\",\n \"postgresql-contrib-9.2.24-1.el7_5\",\n \"postgresql-debuginfo-9.2.24-1.el7_5\",\n \"postgresql-devel-9.2.24-1.el7_5\",\n \"postgresql-docs-9.2.24-1.el7_5\",\n \"postgresql-libs-9.2.24-1.el7_5\",\n \"postgresql-plperl-9.2.24-1.el7_5\",\n \"postgresql-plpython-9.2.24-1.el7_5\",\n \"postgresql-pltcl-9.2.24-1.el7_5\",\n \"postgresql-server-9.2.24-1.el7_5\",\n \"postgresql-static-9.2.24-1.el7_5\",\n \"postgresql-test-9.2.24-1.el7_5\",\n \"postgresql-upgrade-9.2.24-1.el7_5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T16:44:10", "description": "The version of PostgreSQL installed on the remote host is 9.3.x prior to 9.3.23, 9.4.x prior to 9.4.18, 9.5.x prior to 9.5.13, or 9.6.x prior to 9.6.9, or 10.3.x. As such, it is potentially affected by Insecure ACL Remote Issue", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-01T00:00:00", "type": "nessus", "title": "PostgreSQL 9.3 < 9.3.23 / 9.4 < 9.4.18 / 9.5 < 9.5.13 / 9.6 < 9.6.9 / 10.3 Insecure ACL Remote Issue", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20181115.NASL", "href": "https://www.tenable.com/plugins/nessus/110288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110288);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_bugtraq_id(104285);\n\n script_name(english:\"PostgreSQL 9.3 < 9.3.23 / 9.4 < 9.4.18 / 9.5 < 9.5.13 / 9.6 < 9.6.9 / 10.3 Insecure ACL Remote Issue\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.3.x prior\nto 9.3.23, 9.4.x prior to 9.4.18, 9.5.x prior to 9.5.13, or 9.6.x\nprior to 9.6.9, or 10.3.x. As such, it is potentially affected by \nInsecure ACL Remote Issue\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1851/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.us-cert.gov/ncas/bulletins/SB18-134\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 9.3.23 / 9.4.18 / 9.5.13 / 9.6.9 / 10.4 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgres_installed_windows.nbin\", \"postgres_installed_nix.nbin\", \"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432, \"installed_sw/PostgreSQL\");\n\n exit(0);\n}\n\ninclude('vcf_extras_postgresql.inc');\n\nvar app = 'PostgreSQL';\nvar win_local = TRUE;\n\nif (!get_kb_item('SMB/Registry/Enumerated'))\n win_local = FALSE;\n\nvar port = get_service(svc:'postgresql', default:5432);\nvar kb_base = 'database/' + port + '/postgresql/';\nvar kb_ver = NULL;\nvar kb_path = kb_base + 'version';\nvar ver = get_kb_item(kb_path);\nif (!empty_or_null(ver)) kb_ver = kb_path;\n\napp_info = vcf::postgresql::get_app_info(app:app, port:port, kb_ver:kb_ver, kb_base:kb_base, win_local:win_local);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nvar constraints = [\n { 'min_version' : '9', 'fixed_version' : '9.3.23' },\n { 'min_version' : '9.4', 'fixed_version' : '9.4.18' },\n { 'min_version' : '9.5', 'fixed_version' : '9.5.13' },\n { 'min_version' : '9.6', 'fixed_version' : '9.6.9' },\n { 'min_version' : '10', 'fixed_version' : '10.3' }\n];\n\n\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:13:02", "description": "According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.(CVE-2018-1115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-1876)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1876.NASL", "href": "https://www.tenable.com/plugins/nessus/139979", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139979);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1115\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-1876)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - postgresql before versions 10.4, 9.6.9 is vulnerable in\n the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow\n the same ACLs than pg_rorate_logfile. If the adminpack\n is added to a database, an attacker able to connect to\n it could exploit this to force log\n rotation.(CVE-2018-1115)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1876\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?52958754\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-10.5-3.h8.eulerosv2r8\",\n \"postgresql-contrib-10.5-3.h8.eulerosv2r8\",\n \"postgresql-devel-10.5-3.h8.eulerosv2r8\",\n \"postgresql-docs-10.5-3.h8.eulerosv2r8\",\n \"postgresql-libs-10.5-3.h8.eulerosv2r8\",\n \"postgresql-plperl-10.5-3.h8.eulerosv2r8\",\n \"postgresql-plpython-10.5-3.h8.eulerosv2r8\",\n \"postgresql-pltcl-10.5-3.h8.eulerosv2r8\",\n \"postgresql-server-10.5-3.h8.eulerosv2r8\",\n \"postgresql-test-10.5-3.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:40", "description": "This update for postgresql95 fixes the following issues :\n\n - Update to PostgreSQL 9.5.13 :\n\n - https://www.postgresql.org/docs/9.5/static/release-9-5-13.html A dump/restore is not required for those running 9.5.X.\nHowever, if the function marking mistakes mentioned belowpg_logfile_rotate affect you, you will want to take steps to correct your database catalogs.\nThe functions query_to_xml, cursor_to_xml, cursor_to_xmlschema, query_to_xmlschema, and query_to_xml_and_xmlschema should be marked volatile because they execute user-supplied queries that might contain volatile operations. They were not, leading to a risk of incorrect query optimization. This has been repaired for new installations by correcting the initial catalog data, but existing installations will continue to contain the incorrect markings. Practical use of these functions seems to pose little hazard, but in case of trouble, it can be fixed by manually updating these functions' pg_proc entries, for example: ALTER FUNCTION pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE.\n (Note that that will need to be done in each database of the installation.) Another option is to pg_upgrade the database to a version containing the corrected initial data.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-07-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql95 (openSUSE-2018-696)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql95", "p-cpe:/a:novell:opensuse:postgresql95-contrib", "p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-debugsource", "p-cpe:/a:novell:opensuse:postgresql95-devel", "p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql95-plperl", "p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-plpython", "p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-pltcl", "p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-server", "p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-696.NASL", "href": "https://www.tenable.com/plugins/nessus/110955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-696.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110955);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql95 (openSUSE-2018-696)\");\n script_summary(english:\"Check for the openSUSE-2018-696 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql95 fixes the following issues :\n\n - Update to PostgreSQL 9.5.13 :\n\n - https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\nA dump/restore is not required for those running 9.5.X.\nHowever, if the function marking mistakes mentioned belowpg_logfile_rotate\naffect you, you will want to take steps to correct your\ndatabase catalogs.\nThe functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\nquery_to_xmlschema, and query_to_xml_and_xmlschema should be\nmarked volatile because they execute user-supplied queries\nthat might contain volatile operations. They were not,\nleading to a risk of incorrect query optimization. This has\nbeen repaired for new installations by correcting the initial\ncatalog data, but existing installations will continue to\ncontain the incorrect markings. Practical use of these\nfunctions seems to pose little hazard, but in case of trouble,\nit can be fixed by manually updating these functions' pg_proc\nentries, for example: ALTER FUNCTION\npg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE.\n (Note that that will need to be done in each database of the\ninstallation.) Another option is to pg_upgrade the database to\na version containing the corrected initial data.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n # https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.5/release-9-5-13.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql95 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-contrib-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-contrib-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-debugsource-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-devel-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-devel-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-libs-debugsource-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plperl-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plperl-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plpython-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plpython-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-pltcl-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-pltcl-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-server-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-server-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-test-9.5.13-2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql95-devel / postgresql95-devel-debuginfo / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:06", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues :\n\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\n\n A dump/restore is not required for those running 9.6.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql96 (openSUSE-2018-638)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql96", "p-cpe:/a:novell:opensuse:postgresql96-contrib", "p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-devel", "p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-plperl", "p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plpython", "p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-pltcl", "p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-server", "p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-638.NASL", "href": "https://www.tenable.com/plugins/nessus/110588", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-638.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110588);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql96 (openSUSE-2018-638)\");\n script_summary(english:\"Check for the openSUSE-2018-638 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues :\n\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\n\n A dump/restore is not required for those running 9.6.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql96 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libecpg6-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libecpg6-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpq5-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpq5-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debugsource-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-libs-debugsource-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-test-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libecpg6-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.6.9-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecpg6-32bit / libecpg6 / libecpg6-debuginfo-32bit / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:31", "description": "update to 9.6.9 per release notes https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-05-23T00:00:00", "type": "nessus", "title": "Fedora 26 : postgresql (2018-bd6f9237b5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-BD6F9237B5.NASL", "href": "https://www.tenable.com/plugins/nessus/109972", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bd6f9237b5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109972);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-bd6f9237b5\");\n\n script_name(english:\"Fedora 26 : postgresql (2018-bd6f9237b5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 9.6.9 per release notes\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bd6f9237b5\"\n );\n # https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"postgresql-9.6.9-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:21", "description": "update to 9.6.9 per release notes:\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-05-23T00:00:00", "type": "nessus", "title": "Fedora 27 : postgresql (2018-937c789f2a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-937C789F2A.NASL", "href": "https://www.tenable.com/plugins/nessus/109971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-937c789f2a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109971);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-937c789f2a\");\n\n script_name(english:\"Fedora 27 : postgresql (2018-937c789f2a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 9.6.9 per release notes:\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-937c789f2a\"\n );\n # https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"postgresql-9.6.9-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:57", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:1695-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96", "p-cpe:/a:novell:suse_linux:postgresql96-contrib", "p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-server", "p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1695-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110548", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1695-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110548);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:1695-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\nA dump/restore is not required for those running 9.6.X. However, if you\nuse the adminpack extension, you should update it as per the first\nchangelog entry below. Also, if the function marking mistakes mentioned in\nthe second and third changelog entries below affect you, you will want to\ntake steps to correct your database catalogs.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1115/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181695-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3df3eceb\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1138=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1138=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1138=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libecpg6-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libecpg6-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-debuginfo-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-libs-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libecpg6-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-libs-debugsource-9.6.9-3.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:04", "description": "update to 10.4 per release notes:\nhttps://www.postgresql.org/docs/10/static/release-10-4.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : postgresql (2018-08550a9006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-08550A9006.NASL", "href": "https://www.tenable.com/plugins/nessus/120220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-08550a9006.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120220);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-08550a9006\");\n\n script_name(english:\"Fedora 28 : postgresql (2018-08550a9006)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 10.4 per release notes:\nhttps://www.postgresql.org/docs/10/static/release-10-4.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-08550a9006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/static/release-10-4.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"postgresql-10.4-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:24", "description": "An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version:\nrhvm-appliance (4.2). (BZ#1590658, BZ#1591095, BZ#1591096, BZ#1592655, BZ# 1594636, BZ#1597534, BZ#1612683)\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915 and Ammarit Thongthua (Deloitte Thailand Pentest team) and Nattakit Intarasorn (Deloitte Thailand Pentest team) for reporting CVE-2018-1067. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915.\n\nSecurity fixes :\n\n* vulnerability: wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip) (CVE-2018-10862)\n\n* vulnerability: apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* (CVE-2018-8039)\n\n* vulnerability: postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* vulnerability: undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of ) (CVE-2018-1067, CVE-2016-4993)\n\n* vulnerability: undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service (CVE-2018-1114)\n\n* vulnerability: guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* vulnerability: bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-09-06T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization (RHSA-2018:2643)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4993", "CVE-2018-1000180", "CVE-2018-10237", "CVE-2018-1067", "CVE-2018-10862", "CVE-2018-10915", "CVE-2018-1114", "CVE-2018-8039"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhvm-appliance", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2643.NASL", "href": "https://www.tenable.com/plugins/nessus/117324", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2643. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117324);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-1000180\", \"CVE-2018-10237\", \"CVE-2018-1067\", \"CVE-2018-10862\", \"CVE-2018-10915\", \"CVE-2018-1114\", \"CVE-2018-8039\");\n script_xref(name:\"RHSA\", value:\"2018:2643\");\n\n script_name(english:\"RHEL 7 : Virtualization (RHSA-2018:2643)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rhvm-appliance is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and\nconfiguring the Red Hat Virtualization Manager. The appliance is\navailable to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version:\nrhvm-appliance (4.2). (BZ#1590658, BZ#1591095, BZ#1591096, BZ#1592655,\nBZ# 1594636, BZ#1597534, BZ#1612683)\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2018-10915 and Ammarit Thongthua (Deloitte Thailand Pentest team)\nand Nattakit Intarasorn (Deloitte Thailand Pentest team) for reporting\nCVE-2018-1067. Upstream acknowledges Andrew Krasichkov as the original\nreporter of CVE-2018-10915.\n\nSecurity fixes :\n\n* vulnerability: wildfly-core: Path traversal can allow the extraction\nof .war archives to write arbitrary files (Zip Slip) (CVE-2018-10862)\n\n* vulnerability: apache-cxf: TLS hostname verification does not work\ncorrectly with com.sun.net.ssl.* (CVE-2018-8039)\n\n* vulnerability: postgresql: Certain host connection parameters defeat\nclient-side security defenses (CVE-2018-10915)\n\n* vulnerability: undertow: HTTP header injection using CRLF with UTF-8\nEncoding (incomplete fix of ) (CVE-2018-1067, CVE-2016-4993)\n\n* vulnerability: undertow: File descriptor leak caused by\nJarURLConnection.getLastModified() allows attacker to cause a denial\nof service (CVE-2018-1114)\n\n* vulnerability: guava: Unbounded memory allocation in\nAtomicDoubleArray and CompoundOrdering classes allow remote attackers\nto cause a denial of service (CVE-2018-10237)\n\n* vulnerability: bouncycastle: flaw in the low-level interface to RSA\nkey pair generator (CVE-2018-1000180)\n\nFor more details about the security issues, including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE pages listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-8039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-1000180\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rhvm-appliance package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2643\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"rhvm-appliance-4.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Virtualization\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"rhvm-appliance-4.2-20180828.0.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhvm-appliance\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2018-09-04T13:45:05", "description": "This update for postgresql10 fixes the following issues:\n\n PostgreSQL 10 was updated to 10.5:\n\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/about/news/1851/\">https://www.postgresql.org/about/news/1851/</a>\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/current/static/release-10-5.html\">https://www.postgresql.org/docs/current/static/release-10-5.html</a>\n\n A dump/restore is not required for those running 10.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issues fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n "host" or "hostaddr" connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with\n "CREATE TABLE" privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain "INSERT" and\n limited "UPDATE" privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-09-04T12:08:24", "type": "suse", "title": "Security update for postgresql10 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915", "CVE-2018-1115"], "modified": "2018-09-04T12:08:24", "id": "OPENSUSE-SU-2018:2599-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00006.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-25T20:31:20", "description": "This update for postgresql96 to 9.6.10 fixes the following issues:\n\n These security issues were fixed:\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n "host" or "hostaddr" connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with\n "CREATE TABLE" privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain "INSERT" and\n limited "UPDATE" privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202)\n\n For addition details please see\n <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/current/static/release-9-6-10.html\">https://www.postgresql.org/docs/current/static/release-9-6-10.html</a>\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2018-10-25T18:20:22", "type": "suse", "title": "Security update for postgresql96 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2018-10-25T18:20:22", "id": "OPENSUSE-SU-2018:3449-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00067.html", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2022-04-18T12:41:10", "description": "An update that solves 7 vulnerabilities and has two fixes\n is now available.\n\nDescription:\n\n This update for postgresql96, postgresql10 and postgresql12 fixes the\n following issues:\n\n postgresql10 was updated to 10.13 (bsc#1171924).\n\n https://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/10/release-10-13.html\n\n postgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n - https://www.postgresql.org/about/news/2011/\n - https://www.postgresql.org/docs/10/release-10-12.html\n\n postgresql10 was updated to 10.11:\n\n - https://www.postgresql.org/about/news/1994/\n - https://www.postgresql.org/docs/10/release-10-11.html\n\n\n postgresql12 was updated to 12.3 (bsc#1171924).\n\n Bug Fixes and Improvements:\n\n - Several fixes for GENERATED columns, including an issue where it was\n possible to crash or corrupt data in a table when the output of the\n generated column was the exact copy of a physical column on the table,\n e.g. if the expression called a function which could return its own\n input.\n - Several fixes for ALTER TABLE, including ensuring the SET STORAGE\n directive is propagated to a table's indexes.\n - Fix a potential race condition when using DROP OWNED BY while another\n session is deleting the same objects.\n - Allow for a partition to be detached when it has inherited ROW triggers.\n - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a\n REINDEX CONCURRENTLY operation fails.\n - Fix crash when COLLATE is applied to an uncollatable type in a partition\n bound expression.\n - Fix performance regression in floating point overflow/underflow\n detection.\n - Several fixes for full text search, particularly with phrase searching.\n - Fix query-lifespan memory leak for a set-returning function used in a\n query's FROM clause.\n - Several reporting fixes for the output of VACUUM VERBOSE.\n - Allow input of type circle to accept the format (x,y),r, which is\n specified in the documentation.\n - Allow for the get_bit() and set_bit() functions to not fail on bytea\n strings longer than 256MB.\n - Avoid premature recycling of WAL segments during crash recovery, which\n could lead to WAL segments being recycled before being archived.\n - Avoid attempting to fetch nonexistent WAL files from archive storage\n during recovery by skipping irrelevant timelines.\n - Several fixes for logical replication and replication slots.\n - Fix several race conditions in synchronous standby management, including\n one that occurred when changing the synchronous_standby_names setting.\n - Several fixes for GSSAPI support, include a fix for a memory leak that\n occurred when using GSSAPI encryption.\n - Ensure that members of the pg_read_all_stats role can read all\n statistics views.\n - Fix performance regression in information_schema.triggers view.\n - Fix memory leak in libpq when using sslmode=verify-full.\n - Fix crash in psql when attempting to re-establish a failed connection.\n - Allow tab-completion of the filename argument to \\gx command in psql.\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n - Several other fixes for pg_dump, which include dumping comments on RLS\n policies and postponing restore of event triggers until the end.\n - Ensure pg_basebackup generates valid tar files.\n - pg_checksums skips tablespace subdirectories that belong to a different\n PostgreSQL major version\n - Several Windows compatibility fixes\n\n This update also contains timezone tzdata release 2020a for DST law\n changes in Morocco and the Canadian Yukon, plus historical corrections for\n Shanghai. The America/Godthab zone has been renamed to America/Nuuk to\n reflect current English usage ; however, the old name remains available as\n a compatibility link. This also updates initdb's list of known Windows\n time zone names to include recent additions.\n\n For more details, check out:\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\n Other fixes:\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean\n and complete cutover to the new packaging schema.\n\n\n postgresql96 was updated to 9.6.19:\n\n * CVE-2020-14350, boo#1175194: Make contrib modules' installation\n scripts more secure.\n * https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main package.\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean\n and complete cutover to the new packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/9.6/release-9-6-18.html\n - Unify the spec file to work across all current PostgreSQL versions to\n simplify future maintenance.\n - Move from the \"libs\" build flavour to a \"mini\" package that will\n only be used inside the build service and not get shipped, to avoid\n confusion with the debuginfo packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985)\n https://www.postgresql.org/about/news/2011/\nhttps://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16: https://www.postgresql.org/about/news/1994/\nhttps://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are returned by\n pg_config --libs\n\n - Update to 9.6.15:\n * https://www.postgresql.org/about/news/1960/\n * https://www.postgresql.org/docs/9.6/release-9-6-15.html\n * CVE-2019-10208, boo#1145092: TYPE in pg_temp executes arbitrary SQL\n during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static library.\n\n - Update to 9.6.14: https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13:\n * https://www.postgresql.org/docs/9.6/release-9-6-13.html\n * https://www.postgresql.org/about/news/1939/\n * CVE-2019-10130, boo#1134689: Prevent row-level security policies from\n being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12:\n * https://www.postgresql.org/docs/9.6/release-9-6-12.html\n * https://www.postgresql.org/about/news/1920/\n * By default, panic instead of retrying after fsync() failure, to avoid\n possible data corruption.\n * Numerous other bug fixes.\n - Overhaul README.SUSE\n\n - Update to 9.6.11:\n * Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n * Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will be introduced in\n postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9-6-10.html\n * CVE-2018-10915, boo#1104199: Fix failure to reset libpq's state fully\n between connection attempts.\n * CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT UPDATE through\n a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9: https://www.postgresql.org/about/news/1851/\nhttps://www.postgresql.org/docs/current/static/release-9-6-9.html A\n dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned\n in the second and third changelog entries below affect you, you will\n want to take steps to correct your database catalogs.\n * CVE-2018-1115, boo#1091610: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate()\n is a deprecated wrapper for the core function pg_rotate_logfile().\n When that function was changed to rely on SQL privileges for access\n control rather than a hard-coded superuser check, pg_logfile_rotate()\n should have been updated as well, but the need for this was missed.\n Hence, if adminpack is installed, any user could request a logfile\n rotation, creating a minor security issue. After installing this\n update, administrators should update adminpack by performing ALTER\n EXTENSION adminpack UPDATE in each database in which adminpack is\n installed.\n * Fix incorrect volatility markings on a few built-in functions\n * Fix incorrect parallel-safety markings on a few built-in functions.\n\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1227=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-08-17T00:00:00", "type": "suse", "title": "Security update for postgresql96, postgresql10 and postgresql12 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115", "CVE-2019-10130", "CVE-2019-10208", "CVE-2020-14350", "CVE-2020-1720"], "modified": "2020-08-17T00:00:00", "id": "OPENSUSE-SU-2020:1227-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RPLLEO7T4JPO4J5JMG2O4ZTONMNDEL64/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2018-12-07T15:29:23", "description": "This update for postgresql94 to 9.4.19 fixes the following security issue:\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n "host" or "hostaddr" connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199).\n\n A dump/restore is not required for this update unless you use the\n functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema. In this case please\n see the first entry of\n <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/9.4/static/release-9-4-18.html\">https://www.postgresql.org/docs/9.4/static/release-9-4-18.html</a>\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2018-12-07T12:26:28", "type": "suse", "title": "Security update for postgresql94 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2018-12-07T12:26:28", "id": "OPENSUSE-SU-2018:4007-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00006.html", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-07-06T01:46:30", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1115"], "description": "This update for postgresql95 fixes the following issues:\n\n - Update to PostgreSQL 9.5.13:\n * <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\">https://www.postgresql.org/docs/9.5/static/release-9-5-13.html</a> A\n dump/restore is not required for those running 9.5.X. However, if the\n function marking mistakes mentioned belowpg_logfile_rotate affect you,\n you will want to take steps to correct your database catalogs.\n\n The functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema should be marked\n volatile because they execute user-supplied queries that might contain\n volatile operations. They were not, leading to a risk of incorrect query\n optimization. This has been repaired for new installations by correcting\n the initial catalog data, but existing installations will continue to\n contain the incorrect markings. Practical use of these functions seems to\n pose little hazard, but in case of trouble, it can be fixed by manually\n updating these functions' pg_proc entries, for example: ALTER FUNCTION\n pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE. (Note that\n that will need to be done in each database of the installation.) Another\n option is to pg_upgrade the database to a version containing the corrected\n initial data.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n", "modified": "2018-07-06T00:11:08", "published": "2018-07-06T00:11:08", "id": "OPENSUSE-SU-2018:1900-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00004.html", "type": "suse", "title": "Recommended update for postgresql95 (moderate)", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-16T03:06:24", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\n\n Release notes:\n\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/about/news/1851/\">https://www.postgresql.org/about/news/1851/</a>\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/current/static/release-9-6-9.html\">https://www.postgresql.org/docs/current/static/release-9-6-9.html</a>\n\n A dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2018-06-16T00:07:53", "type": "suse", "title": "Security update for postgresql96 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2018-06-16T00:07:53", "id": "OPENSUSE-SU-2018:1709-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-06/msg00029.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2022-01-17T19:04:13", "description": "### Background\n\nPostgreSQL is an open source object-relational database management system. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. \n\nIn addition it was discovered that Gentoo\u2019s PostgreSQL installation suffered from a privilege escalation vulnerability due to a runscript which called OpenRC\u2019s checkpath() on a user controlled path and allowed user running PostgreSQL to kill arbitrary processes via PID file manipulation. \n\n### Impact\n\nA remote attacker could bypass certain client-side connection security features, read arbitrary server memory or alter certain data. \n\nIn addition, a local attacker could gain privileges or cause a Denial of Service condition by killing arbitrary processes. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PostgreSQL users up to 9.3 should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.3.24:9.3\"\n \n\nAll PostgreSQL 9.4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.4.19:9.4\"\n \n\nAll PostgreSQL 9.5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.5.14:9.5\"\n \n\nAll PostgreSQL 9.6 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.6.10:9.6\"\n \n\nAll PostgreSQL 10 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-10.5:10\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-10-30T00:00:00", "type": "gentoo", "title": "PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-10-30T00:00:00", "id": "GLSA-201810-08", "href": "https://security.gentoo.org/glsa/201810-08", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-31T17:35:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:2599-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915", "CVE-2018-1115"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851957", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851957\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:22:52 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:2599-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2599-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00006.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql10'\n package(s) announced via the openSUSE-SU-2018:2599-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql10 fixes the following issues:\n\n A dump/restore is not required for those running 10.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issues fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n 'host' or 'hostaddr' connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n 'CREATE TABLE' privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-955=1\");\n\n script_tag(name:\"affected\", value:\"postgresql10 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6\", rpm:\"libecpg6~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo\", rpm:\"libecpg6-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5\", rpm:\"libpq5~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo\", rpm:\"libpq5-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10\", rpm:\"postgresql10~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-contrib\", rpm:\"postgresql10-contrib~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-contrib-debuginfo\", rpm:\"postgresql10-contrib-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-debuginfo\", rpm:\"postgresql10-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-debugsource\", rpm:\"postgresql10-debugsource~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-devel\", rpm:\"postgresql10-devel~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-devel-debuginfo\", rpm:\"postgresql10-devel-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plperl\", rpm:\"postgresql10-plperl~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plperl-debuginfo\", rpm:\"postgresql10-plperl-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plpython\", rpm:\"postgresql10-plpython~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plpython-debuginfo\", rpm:\"postgresql10-plpython-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-pltcl\", rpm:\"postgresql10-pltcl~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-pltcl-debuginfo\", rpm:\"postgresql10-pltcl-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-server\", rpm:\"postgresql10-server~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-server-debuginfo\", rpm:\"postgresql10-server-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-test\", rpm:\"postgresql10-test~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit\", rpm:\"libecpg6-32bit~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit-debuginfo\", rpm:\"libecpg6-32bit-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit\", rpm:\"libpq5-32bit~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit-debuginfo\", rpm:\"libpq5-32bit-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-docs\", rpm:\"postgresql10-docs~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-5d1f7bd2d7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874941", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874941", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5d1f7bd2d7_postgresql_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-5d1f7bd2d7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874941\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 06:36:13 +0200 (Wed, 15 Aug 2018)\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-5d1f7bd2d7\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5d1f7bd2d7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NILDSRUA5O7DXVC37DFF3KBOK56YMSY3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~10.5~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "openvas", "title": "Ubuntu Update for postgresql-10 USN-3744-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843619", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843619", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3744_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for postgresql-10 USN-3744-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843619\");\n script_version(\"$Revision: 14288 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-17 05:57:27 +0200 (Fri, 17 Aug 2018)\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for postgresql-10 USN-3744-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql-10'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Andrew Krasichkov discovered that the PostgreSQL\nclient library incorrectly reset its internal state between connections. A remote\nattacker could possibly use this issue to bypass certain client-side connection security\nfeatures. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.\n(CVE-2018-10915)\n\nIt was discovered that PostgreSQL incorrectly checked authorization on\ncertain statements. A remote attacker could possibly use this issue to\nread arbitrary server memory or alter certain data. (CVE-2018-10925)\");\n script_tag(name:\"affected\", value:\"postgresql-10 on Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"USN\", value:\"3744-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3744-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-9.3\", ver:\"9.3.24-0ubuntu0.14.04\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-10\", ver:\"10.5-0ubuntu0.18.04\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-9.5\", ver:\"9.5.14-0ubuntu0.16.04\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:34", "description": "Two vulnerabilities have been found in the PostgreSQL database system:\n\nCVE-2018-10915\nAndrew Krasichkov discovered that libpq did not reset all its\nconnection state during reconnects.\n\nCVE-2018-10925It was discovered that some CREATE TABLE\nstatements could disclose server memory.", "cvss3": {}, "published": "2018-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4269-1 (postgresql-9.6 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704269", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4269-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704269\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_name(\"Debian Security Advisory DSA 4269-1 (postgresql-9.6 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 00:00:00 +0200 (Fri, 10 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4269.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"postgresql-9.6 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 9.6.10-0+deb9u1.\n\nWe recommend that you upgrade your postgresql-9.6 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/postgresql-9.6\");\n script_tag(name:\"summary\", value:\"Two vulnerabilities have been found in the PostgreSQL database system:\n\nCVE-2018-10915\nAndrew Krasichkov discovered that libpq did not reset all its\nconnection state during reconnects.\n\nCVE-2018-10925It was discovered that some CREATE TABLE\nstatements could disclose server memory.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-9.6-dbg\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-client-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-contrib-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-doc-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plperl-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plpython-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plpython3-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-pltcl-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-server-dev-9.6\", ver:\"9.6.10-0+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:33:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:3449-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852079", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852079\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:42:14 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:3449-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3449-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00067.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql96'\n package(s) announced via the openSUSE-SU-2018:3449-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql96 to 9.6.10 fixes the following issues:\n\n These security issues were fixed:\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n 'host' or 'hostaddr' connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n 'CREATE TABLE' privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1278=1\");\n\n script_tag(name:\"affected\", value:\"postgresql96 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96\", rpm:\"postgresql96~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib\", rpm:\"postgresql96-contrib~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib-debuginfo\", rpm:\"postgresql96-contrib-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debuginfo\", rpm:\"postgresql96-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debugsource\", rpm:\"postgresql96-debugsource~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel\", rpm:\"postgresql96-devel~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel-debuginfo\", rpm:\"postgresql96-devel-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-libs-debugsource\", rpm:\"postgresql96-libs-debugsource~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl\", rpm:\"postgresql96-plperl~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl-debuginfo\", rpm:\"postgresql96-plperl-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython\", rpm:\"postgresql96-plpython~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython-debuginfo\", rpm:\"postgresql96-plpython-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl\", rpm:\"postgresql96-pltcl~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl-debuginfo\", rpm:\"postgresql96-pltcl-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server\", rpm:\"postgresql96-server~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server-debuginfo\", rpm:\"postgresql96-server-debuginfo~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-test\", rpm:\"postgresql96-test~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-docs\", rpm:\"postgresql96-docs~9.6.10~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-19T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-d8f5aea89d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2017-15097", "CVE-2018-10915"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874971", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d8f5aea89d_postgresql_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-d8f5aea89d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874971\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-19 06:51:21 +0200 (Sun, 19 Aug 2018)\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-d8f5aea89d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d8f5aea89d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TG4AQRQP7AH3KLCI73OTJC76DNUM6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.10~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T19:32:51", "description": "This host is running PostgreSQL and is\n prone to information disclosure and missing authentication vulnerabilities.", "cvss3": {}, "published": "2018-08-13T00:00:00", "type": "openvas", "title": "PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310813754", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813754", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813754\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2018-10925\");\n script_bugtraq_id(105052);\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-13 18:20:47 +0530 (Mon, 13 Aug 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to information disclosure and missing authentication vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to a missing\n authorization on certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to read arbitrary bytes of server memory and update other columns which should\n have been restricted otherwise.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL versions before 10.5, 9.6.10\n and 9.5.14.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.5 or 9.6.10\n or 9.5.14 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1878\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-10-5.html#id-1.11.6.5.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-6-10.html#id-1.11.6.11.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-5-14.html#id-1.11.6.22.5\");\n\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.5\\.\") {\n if(version_is_less(version:vers, test_version: \"9.5.14\")) {\n fix = \"9.5.14\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\\.\") {\n if(version_is_less(version:vers, test_version: \"9.6.10\")) {\n fix = \"9.6.10\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version: \"10.5\")) {\n fix = \"10.5\";\n }\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-01-29T19:32:51", "description": "This host is running PostgreSQL and is\n prone to information disclosure and missing authentication vulnerabilities.", "cvss3": {}, "published": "2018-08-13T00:00:00", "type": "openvas", "title": "PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310813753", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813753", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813753\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2018-10925\");\n script_bugtraq_id(105052);\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-13 12:44:42 +0530 (Mon, 13 Aug 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"PostgreSQL Information Disclosure And Missing Authentication Vulnerabilities Aug18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to information disclosure and missing authentication vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to a missing\n authorization on certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to read arbitrary bytes of server memory and update other columns which should\n have been restricted otherwise.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL versions before 10.5, 9.6.10\n and 9.5.14.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.5 or 9.6.10\n or 9.5.14 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1878\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-10-5.html#id-1.11.6.5.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-6-10.html#id-1.11.6.11.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-5-14.html#id-1.11.6.22.5\");\n\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.5\\.\") {\n if(version_is_less(version:vers, test_version: \"9.5.14\")) {\n fix = \"9.5.14\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\\.\") {\n if(version_is_less(version:vers, test_version: \"9.6.10\")) {\n fix = \"9.6.10\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version: \"10.5\")) {\n fix = \"10.5\";\n }\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-01-29T19:32:51", "description": "This host is running PostgreSQL and is\n prone to security bypass vulnerability.", "cvss3": {}, "published": "2018-08-13T00:00:00", "type": "openvas", "title": "PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310813752", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813752", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813752\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_bugtraq_id(105054);\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-13 18:05:39 +0530 (Mon, 13 Aug 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an internal issue in\n the 'libpq' the client connection API for PostgreSQL where it did not reset\n all of its connection state variables when attempting to reconnect. In\n particular, the state variable that determined whether or not a password is\n needed for a connection would not be reset.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to bypass client-side connection security features and obtain access to higher\n privileged connections or potentially cause other possible impact.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL versions before 10.5, 9.6.10,\n 9.5.14, 9.4.19 and 9.3.24.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.5 or 9.6.10\n or 9.5.14 or 9.4.19 or 9.3.24 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1878\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-10-5.html#id-1.11.6.5.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-6-10.html#id-1.11.6.11.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-5-14.html#id-1.11.6.22.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-4-19.html#id-1.11.6.37.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-3-24.html#id-1.11.6.57.6\");\n\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.3\\.\") {\n if(version_is_less(version:vers, test_version: \"9.3.24\")) {\n fix = \"9.3.24\";\n }\n}\n\nelse if(vers =~ \"^9\\.4\\.\") {\n if(version_is_less(version:vers, test_version: \"9.4.19\")) {\n fix = \"9.4.19\";\n }\n}\n\nelse if(vers =~ \"^9\\.5\\.\") {\n if(version_is_less(version:vers, test_version: \"9.5.14\")) {\n fix = \"9.5.14\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\\.\") {\n if(version_is_less(version:vers, test_version: \"9.6.10\")) {\n fix = \"9.6.10\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version: \"10.5\")) {\n fix = \"10.5\";\n }\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:18", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2018-1311)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181311", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181311", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1311\");\n script_version(\"2020-01-23T11:21:29+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:29 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:29 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2018-1311)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1311\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1311\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'postgresql' package(s) announced via the EulerOS-SA-2018-1311 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\");\n\n script_tag(name:\"affected\", value:\"'postgresql' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.24~1\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:26", "description": "Check the version of postgresql", "cvss3": {}, "published": "2018-08-29T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2018:2557 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882943", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882943", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_2557_postgresql_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for postgresql CESA-2018:2557 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882943\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-29 07:13:24 +0200 (Wed, 29 Aug 2018)\");\n script_cve_id(\"CVE-2018-10915\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for postgresql CESA-2018:2557 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of postgresql\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe following packages have been upgraded to a later upstream version:\npostgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es):\n\n * postgresql: Certain host connection parameters defeat client-side\nsecurity defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this\nissue. Upstream acknowledges Andrew Krasichkov as the original reporter.\");\n script_tag(name:\"affected\", value:\"postgresql on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:2557\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-August/023017.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-static\", rpm:\"postgresql-static~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-upgrade\", rpm:\"postgresql-upgrade~9.2.24~1.el7_5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:32:51", "description": "This host is running PostgreSQL and is\n prone to security bypass vulnerability.", "cvss3": {}, "published": "2018-08-13T00:00:00", "type": "openvas", "title": "PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310813751", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813751", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813751\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_bugtraq_id(105054);\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-13 12:44:42 +0530 (Mon, 13 Aug 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"PostgreSQL 'libpq' Security Bypass Vulnerability Aug18 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to security bypass vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to an internal issue in\n the 'libpq' the client connection API for PostgreSQL where it did not reset\n all of its connection state variables when attempting to reconnect. In\n particular, the state variable that determined whether or not a password is\n needed for a connection would not be reset.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to bypass client-side connection security features and obtain access to higher\n privileged connections or potentially cause other possible impact.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL versions before 10.5, 9.6.10,\n 9.5.14, 9.4.19 and 9.3.24.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.5 or 9.6.10\n or 9.5.14 or 9.4.19 or 9.3.24 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1878\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-10-5.html#id-1.11.6.5.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-6-10.html#id-1.11.6.11.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-5-14.html#id-1.11.6.22.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-4-19.html#id-1.11.6.37.5\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/10/static/release-9-3-24.html#id-1.11.6.57.6\");\n\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.3\\.\") {\n if(version_is_less(version:vers, test_version: \"9.3.24\")) {\n fix = \"9.3.24\";\n }\n}\n\nelse if(vers =~ \"^9\\.4\\.\") {\n if(version_is_less(version:vers, test_version: \"9.4.19\")) {\n fix = \"9.4.19\";\n }\n}\n\nelse if(vers =~ \"^9\\.5\\.\") {\n if(version_is_less(version:vers, test_version: \"9.5.14\")) {\n fix = \"9.5.14\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\\.\") {\n if(version_is_less(version:vers, test_version: \"9.6.10\")) {\n fix = \"9.6.10\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version: \"10.5\")) {\n fix = \"10.5\";\n }\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:08:03", "description": "An unprivileged user of dblink or postgres_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a ~/.pgpass\nfile owned by the operating-system user running the server. Servers\nallowing peer authentication on local connections are particularly\nvulnerable. Other attacks such as SQL injection into a postgres_fdw\nsession are also possible. Attacking postgres_fdw in this way requires\nthe ability to create a foreign server object with selected connection\nparameters, but any user with access to dblink could exploit the\nproblem. In general, an attacker with the ability to select the\nconnection parameters for a libpq-using application could cause\nmischief, though other plausible attack scenarios are harder to think\nof. Our thanks to Andrew Krasichkov for reporting this issue.", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for postgresql-9.4 (DLA-1464-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891464", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891464", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891464\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_name(\"Debian LTS: Security Advisory for postgresql-9.4 (DLA-1464-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 00:00:00 +0200 (Wed, 15 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/08/msg00012.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"postgresql-9.4 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n9.4.19-0+deb8u1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\");\n\n script_tag(name:\"summary\", value:\"An unprivileged user of dblink or postgres_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a ~/.pgpass\nfile owned by the operating-system user running the server. Servers\nallowing peer authentication on local connections are particularly\nvulnerable. Other attacks such as SQL injection into a postgres_fdw\nsession are also possible. Attacking postgres_fdw in this way requires\nthe ability to create a foreign server object with selected connection\nparameters, but any user with access to dblink could exploit the\nproblem. In general, an attacker with the ability to select the\nconnection parameters for a libpq-using application could cause\nmischief, though other plausible attack scenarios are harder to think\nof. Our thanks to Andrew Krasichkov for reporting this issue.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-9.4-dbg\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-client-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-contrib-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-doc-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plperl-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plpython-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-plpython3-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-pltcl-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"postgresql-server-dev-9.4\", ver:\"9.4.19-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql94 (openSUSE-SU-2018:4007-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852156", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852156\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-12-10 07:36:25 +0100 (Mon, 10 Dec 2018)\");\n script_name(\"openSUSE: Security Advisory for postgresql94 (openSUSE-SU-2018:4007-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:4007-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-12/msg00006.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql94'\n package(s) announced via the openSUSE-SU-2018:4007-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql94 to 9.4.19 fixes\n the following security issue:\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n 'host' or 'hostaddr' connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199).\n\n A dump/restore is not required for this update unless you use the\n functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema. In this case please\n see the first entry of\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-1482=1\");\n\n script_tag(name:\"affected\", value:\"postgresql94 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94\", rpm:\"postgresql94~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-contrib\", rpm:\"postgresql94-contrib~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-contrib-debuginfo\", rpm:\"postgresql94-contrib-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-debuginfo\", rpm:\"postgresql94-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-debugsource\", rpm:\"postgresql94-debugsource~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-devel\", rpm:\"postgresql94-devel~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-devel-debuginfo\", rpm:\"postgresql94-devel-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-libs-debugsource\", rpm:\"postgresql94-libs-debugsource~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-plperl\", rpm:\"postgresql94-plperl~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-plperl-debuginfo\", rpm:\"postgresql94-plperl-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-plpython\", rpm:\"postgresql94-plpython~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-plpython-debuginfo\", rpm:\"postgresql94-plpython-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-pltcl\", rpm:\"postgresql94-pltcl~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-pltcl-debuginfo\", rpm:\"postgresql94-pltcl-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-server\", rpm:\"postgresql94-server~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-server-debuginfo\", rpm:\"postgresql94-server-debuginfo~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-test\", rpm:\"postgresql94-test~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql94-docs\", rpm:\"postgresql94-docs~9.4.19~24.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:13", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2018-1312)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181312", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1312\");\n script_version(\"2020-01-23T11:21:30+0000\");\n script_cve_id(\"CVE-2018-10915\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:21:30 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:21:30 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2018-1312)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1312\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1312\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'postgresql' package(s) announced via the EulerOS-SA-2018-1312 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\");\n\n script_tag(name:\"affected\", value:\"'postgresql' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.24~1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:32:51", "description": "PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn", "cvss3": {}, "published": "2018-05-11T00:00:00", "type": "openvas", "title": "PostgreSQL logrotate Vulnerability - May18 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310141084", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141084", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL logrotate Vulnerability - May18 (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141084\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-11 16:05:24 +0700 (Fri, 11 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PostgreSQL logrotate Vulnerability - May18 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is\n added to a database, an attacker able to connect to it could exploit this to force log rotation.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.3.x, 9.4.x, 9.5.x, 9.6.x and 10.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 10.4, 9.6.9, 9.5.13, 9.4.18, 9.3.23 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\ninstall = infos[\"location\"];\n\nif (version =~ \"^9\\.3\\.\") {\n if (version_is_less(version: version, test_version: \"9.3.23\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.23\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.18\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.18\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.5\\.\") {\n if (version_is_less(version: version, test_version: \"9.5.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.5.13\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.6\\.\") {\n if (version_is_less(version: version, test_version: \"9.6.9\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.6.9\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^10\\.\") {\n if (version_is_less(version: version, test_version: \"10.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"10.4\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-01-29T19:32:51", "description": "PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn", "cvss3": {}, "published": "2018-05-11T00:00:00", "type": "openvas", "title": "PostgreSQL logrotate Vulnerability - May18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310141083", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141083", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL logrotate Vulnerability - May18 (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141083\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-11 16:05:24 +0700 (Fri, 11 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PostgreSQL logrotate Vulnerability - May18 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is\n added to a database, an attacker able to connect to it could exploit this to force log rotation.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.3.x, 9.4.x, 9.5.x, 9.6.x and 10.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 10.4, 9.6.9, 9.5.13, 9.4.18, 9.3.23 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\ninstall = infos[\"location\"];\n\nif (version =~ \"^9\\.3\\.\") {\n if (version_is_less(version: version, test_version: \"9.3.23\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.23\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.18\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.18\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.5\\.\") {\n if (version_is_less(version: version, test_version: \"9.5.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.5.13\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.6\\.\") {\n if (version_is_less(version: version, test_version: \"9.6.9\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.6.9\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^10\\.\") {\n if (version_is_less(version: version, test_version: \"10.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"10.4\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-16T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-08550a9006", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874475", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874475", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_08550a9006_postgresql_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-08550a9006\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874475\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-16 05:55:45 +0200 (Wed, 16 May 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-08550a9006\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-08550a9006\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA2SLO2H3VN7ZFCC5SXF462EOCXC7Q2Q\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~10.4~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-06-04T16:41:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql95 (openSUSE-SU-2018:1900-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851808", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851808", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851808\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-06 05:50:39 +0200 (Fri, 06 Jul 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for postgresql95 (openSUSE-SU-2018:1900-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql95'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql95 fixes the following issues:\n\n - Update to PostgreSQL 9.5.13.\n\n A dump/restore is not required for those running 9.5.X. However, if the\n function marking mistakes mentioned belowpg_logfile_rotate affect you,\n you will want to take steps to correct your database catalogs.\n\n The functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema should be marked\n volatile because they execute user-supplied queries that might contain\n volatile operations. They were not, leading to a risk of incorrect query\n optimization. This has been repaired for new installations by correcting\n the initial catalog data, but existing installations will continue to\n contain the incorrect markings. Practical use of these functions seems to\n pose little hazard, but in case of trouble, it can be fixed by manually\n updating these functions' pg_proc entries, for example: ALTER FUNCTION\n pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE. (Note that\n that will need to be done in each database of the installation.) Another\n option is to pg_upgrade the database to a version containing the corrected\n initial data.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-696=1\");\n\n script_tag(name:\"affected\", value:\"postgresql95 on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1900-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00004.html\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95\", rpm:\"postgresql95~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-contrib\", rpm:\"postgresql95-contrib~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-contrib-debuginfo\", rpm:\"postgresql95-contrib-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-debuginfo\", rpm:\"postgresql95-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-debugsource\", rpm:\"postgresql95-debugsource~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-devel\", rpm:\"postgresql95-devel~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-devel-debuginfo\", rpm:\"postgresql95-devel-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-libs-debugsource\", rpm:\"postgresql95-libs-debugsource~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plperl\", rpm:\"postgresql95-plperl~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plperl-debuginfo\", rpm:\"postgresql95-plperl-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plpython\", rpm:\"postgresql95-plpython~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plpython-debuginfo\", rpm:\"postgresql95-plpython-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-pltcl\", rpm:\"postgresql95-pltcl~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-pltcl-debuginfo\", rpm:\"postgresql95-pltcl-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-server\", rpm:\"postgresql95-server~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-server-debuginfo\", rpm:\"postgresql95-server-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-test\", rpm:\"postgresql95-test~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-docs\", rpm:\"postgresql95-docs~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-06-04T16:47:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:1709-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851787", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851787\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-06-16 05:50:32 +0200 (Sat, 16 Jun 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:1709-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql96'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues.\n\n A dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-638=1\");\n\n script_tag(name:\"affected\", value:\"postgresql96 on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1709-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-06/msg00029.html\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/current/static/release-9-6-9.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6\", rpm:\"libecpg6~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo\", rpm:\"libecpg6-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5\", rpm:\"libpq5~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo\", rpm:\"libpq5-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96\", rpm:\"postgresql96~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib\", rpm:\"postgresql96-contrib~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib-debuginfo\", rpm:\"postgresql96-contrib-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debuginfo\", rpm:\"postgresql96-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debugsource\", rpm:\"postgresql96-debugsource~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel\", rpm:\"postgresql96-devel~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel-debuginfo\", rpm:\"postgresql96-devel-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-libs-debugsource\", rpm:\"postgresql96-libs-debugsource~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl\", rpm:\"postgresql96-plperl~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl-debuginfo\", rpm:\"postgresql96-plperl-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython\", rpm:\"postgresql96-plpython~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython-debuginfo\", rpm:\"postgresql96-plpython-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl\", rpm:\"postgresql96-pltcl~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl-debuginfo\", rpm:\"postgresql96-pltcl-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server\", rpm:\"postgresql96-server~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server-debuginfo\", rpm:\"postgresql96-server-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-test\", rpm:\"postgresql96-test~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit\", rpm:\"libecpg6-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo-32bit\", rpm:\"libecpg6-debuginfo-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit\", rpm:\"libpq5-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo-32bit\", rpm:\"libpq5-debuginfo-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-docs\", rpm:\"postgresql96-docs~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-937c789f2a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_937c789f2a_postgresql_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-937c789f2a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:38 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-937c789f2a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-937c789f2a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-bd6f9237b5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874591", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874591", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bd6f9237b5_postgresql_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-bd6f9237b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874591\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:42 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-bd6f9237b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bd6f9237b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2021-07-25T19:25:27", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.(CVE-2018-1115 )\n\n \n**Affected Packages:** \n\n\npostgresql96\n\n \n**Issue Correction:** \nRun _yum update postgresql96_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.11-1.82.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-12-06T16:58:00", "type": "amazon", "title": "Important: postgresql96", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-12-07T01:16:00", "id": "ALAS-2018-1119", "href": "https://alas.aws.amazon.com/ALAS-2018-1119.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-07-29T02:01:09", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\n \n**Affected Packages:** \n\n\npostgresql93, postgresql94, postgresql95\n\n \n**Issue Correction:** \nRun _yum update postgresql93_ to update your system. \nRun _yum update postgresql94_ to update your system. \nRun _yum update postgresql95_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.19-1.75.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.24-1.71.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.14-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.14-1.79.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql94-9.4.19-1.75.amzn1.src \n \u00a0\u00a0\u00a0 postgresql93-9.3.24-1.71.amzn1.src \n \u00a0\u00a0\u00a0 postgresql95-9.5.14-1.79.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-9.4.19-1.75.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.24-1.71.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.14-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.14-1.79.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-09-19T17:04:00", "type": "amazon", "title": "Important: postgresql93, postgresql94, postgresql95", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-09-19T23:31:00", "id": "ALAS-2018-1079", "href": "https://alas.aws.amazon.com/ALAS-2018-1079.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T02:00:28", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\n \n**Affected Packages:** \n\n\npostgresql95\n\n \n**Issue Correction:** \nRun _yum update postgresql95_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.15-1.80.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.15-1.80.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql95-9.5.15-1.80.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.15-1.80.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-9.5.15-1.80.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-12-06T16:57:00", "type": "amazon", "title": "Important: postgresql95", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-12-07T01:15:00", "id": "ALAS-2018-1118", "href": "https://alas.aws.amazon.com/ALAS-2018-1118.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T02:01:13", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\n \n**Affected Packages:** \n\n\npostgresql96\n\n \n**Issue Correction:** \nRun _yum update postgresql96_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.10-1.81.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.10-1.81.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql96-9.6.10-1.81.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.10-1.81.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.10-1.81.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-09-05T20:39:00", "type": "amazon", "title": "Important: postgresql96", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-09-06T22:02:00", "id": "ALAS-2018-1074", "href": "https://alas.aws.amazon.com/ALAS-2018-1074.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:39:58", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\n \n**Affected Packages:** \n\n\npostgresql\n\n \n**Issue Correction:** \nRun _yum update postgresql_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-libs-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-server-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-docs-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-contrib-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-devel-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-static-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-upgrade-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-plperl-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-plpython-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-pltcl-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-test-9.2.24-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 postgresql-debuginfo-9.2.24-1.amzn2.0.1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql-9.2.24-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-libs-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-server-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-docs-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-contrib-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-devel-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-static-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-upgrade-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-plperl-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-plpython-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-pltcl-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-test-9.2.24-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 postgresql-debuginfo-9.2.24-1.amzn2.0.1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-20T18:43:00", "type": "amazon", "title": "Important: postgresql", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-09-25T17:48:00", "id": "ALAS2-2018-1080", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-1080.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:25:28", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\n \n**Affected Packages:** \n\n\npostgresql93, postgresql94\n\n \n**Issue Correction:** \nRun _yum update postgresql93_ to update your system. \nRun _yum update postgresql94_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.20-1.76.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.25-1.72.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.25-1.72.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql94-9.4.20-1.76.amzn1.src \n \u00a0\u00a0\u00a0 postgresql93-9.3.25-1.72.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.20-1.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.25-1.72.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.25-1.72.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-06T16:55:00", "type": "amazon", "title": "Important: postgresql93, postgresql94", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-12-07T01:14:00", "id": "ALAS-2018-1117", "href": "https://alas.aws.amazon.com/ALAS-2018-1117.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:25:46", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\n \n**Affected Packages:** \n\n\npostgresql92\n\n \n**Issue Correction:** \nRun _yum update postgresql92_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql92-server-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-libs-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-server-compat-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-contrib-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-plpython27-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-docs-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-devel-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-debuginfo-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-pltcl-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-plperl-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-plpython26-9.2.24-2.66.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-test-9.2.24-2.66.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-2.66.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql92-contrib-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-server-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-test-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-libs-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plpython27-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-debuginfo-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-server-compat-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-pltcl-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-docs-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plpython26-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plperl-9.2.24-2.66.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-devel-9.2.24-2.66.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-19T17:08:00", "type": "amazon", "title": "Important: postgresql92", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-09-19T23:32:00", "id": "ALAS-2018-1080", "href": "https://alas.aws.amazon.com/ALAS-2018-1080.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:41:00", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql10-postgresql (10.5). (BZ#1612673, BZ#1614337)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: Too-permissive access control list on function pg_logfile_rotate() (CVE-2018-1115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; and Stephen Frost as the original reporter of CVE-2018-1115.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-08-27T07:54:02", "type": "redhat", "title": "(RHSA-2018:2565) Important: rh-postgresql10-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-08-27T08:00:08", "id": "RHSA-2018:2565", "href": "https://access.redhat.com/errata/RHSA-2018:2565", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:01", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql96-postgresql (9.6.10). (BZ#1614340)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: Memory disclosure in JSON functions (CVE-2017-15098)\n\n* postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask (CVE-2018-1053)\n\n* postgresql: Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058)\n\n* postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges (CVE-2017-15099)\n\n* postgresql: Too-permissive access control list on function pg_logfile_rotate() (CVE-2018-1115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915, CVE-2018-10925, CVE-2017-15098, CVE-2018-1053, CVE-2017-15099, and CVE-2018-1115. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; David Rowley as the original reporter of CVE-2017-15098; Tom Lane as the original reporter of CVE-2018-1053; Dean Rasheed as the original reporter of CVE-2017-15099; and Stephen Frost as the original reporter of CVE-2018-1115.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-08-27T07:54:53", "type": "redhat", "title": "(RHSA-2018:2566) Important: rh-postgresql96-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15098", "CVE-2017-15099", "CVE-2018-1053", "CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-08-27T08:06:23", "id": "RHSA-2018:2566", "href": "https://access.redhat.com/errata/RHSA-2018:2566", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:36", "description": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask (CVE-2018-1053)\n\n* postgresql: Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915, CVE-2018-10925 and CVE-2018-1053. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; and Tom Lane as the original reporter of CVE-2018-1053.\n\nAdditional Changes:\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-13T15:02:54", "type": "redhat", "title": "(RHSA-2018:3816) Important: CloudForms 4.6.6 security, bug fix and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1053", "CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-12-13T15:03:33", "id": "RHSA-2018:3816", "href": "https://access.redhat.com/errata/RHSA-2018:3816", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:36:47", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql (9.5.14). (BZ#1612671)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: Memory disclosure in JSON functions (CVE-2017-15098)\n\n* postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask (CVE-2018-1053)\n\n* postgresql: Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058)\n\n* postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges (CVE-2017-15099)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915, CVE-2018-10925, CVE-2017-15098, CVE-2018-1053, and CVE-2017-15099. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; David Rowley as the original reporter of CVE-2017-15098; Tom Lane as the original reporter of CVE-2018-1053; and Dean Rasheed as the original reporter of CVE-2017-15099.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-20T10:27:16", "type": "redhat", "title": "(RHSA-2018:2511) Important: rh-postgresql95-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15098", "CVE-2017-15099", "CVE-2018-1053", "CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-20T10:29:58", "id": "RHSA-2018:2511", "href": "https://access.redhat.com/errata/RHSA-2018:2511", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:42", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: postgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Andrew Krasichkov as the original reporter.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-23T14:14:49", "type": "redhat", "title": "(RHSA-2018:2557) Important: postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-23T14:21:15", "id": "RHSA-2018:2557", "href": "https://access.redhat.com/errata/RHSA-2018:2557", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:30", "description": "Red Hat OpenStack Platform provides the facilities for building, deploying\nand monitoring a private or public infrastructure-as-a-service (IaaS) cloud\nrunning on commonly available physical hardware.\n\nSecurity Fix(es):\n\n* openstack-rabbitmq-container: Insecure download of rabbitmq_clusterer during docker build (CVE-2018-14620)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe Red Hat OpenStack Platform container images have been updated to\naddress security advisory/ies: RHSA-2018:2557, RHSA-2018:2710.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-17T16:37:09", "type": "redhat", "title": "(RHSA-2018:2721) Moderate: Red Hat Enterprise Linux OpenStack Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-14620", "CVE-2018-14635"], "modified": "2018-09-17T17:43:32", "id": "RHSA-2018:2721", "href": "https://access.redhat.com/errata/RHSA-2018:2721", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:00", "description": "The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nThe following packages have been upgraded to a later upstream version: rhvm-appliance (4.2). (BZ#1590658, BZ#1591095, BZ#1591096, BZ#1592655, BZ#1594636, BZ#1597534, BZ#1612683)\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915 and Ammarit Thongthua (Deloitte Thailand Pentest team) and Nattakit Intarasorn (Deloitte Thailand Pentest team) for reporting CVE-2018-1067. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915.\n\nSecurity fixes:\n\n* vulnerability: wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip) (CVE-2018-10862)\n\n* vulnerability: apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* (CVE-2018-8039)\n\n* vulnerability: postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* vulnerability: undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of ) (CVE-2018-1067, CVE-2016-4993)\n\n* vulnerability: undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service (CVE-2018-1114)\n\n* vulnerability: guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* vulnerability: bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-15T11:36:43", "type": "redhat", "title": "(RHSA-2018:2643) Important: rhvm-appliance security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4993", "CVE-2018-1000180", "CVE-2018-10237", "CVE-2018-1067", "CVE-2018-10862", "CVE-2018-10915", "CVE-2018-1114", "CVE-2018-8039"], "modified": "2018-09-04T13:21:57", "id": "RHSA-2018:2643", "href": "https://access.redhat.com/errata/RHSA-2018:2643", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:47", "description": "Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.\n\nSecurity Fix(es):\n\n* openstack-rabbitmq-container: Insecure download of rabbitmq_clusterer during docker build (CVE-2018-14620)\n\nFor more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section.\n\nThe Red Hat OpenStack Platform container images have been updated to address security advisory/ies: RHSA-2018:2439, RHSA-2018:2482, RHSA-2018:2557.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-19T17:36:53", "type": "redhat", "title": "(RHSA-2018:2729) Moderate: Red Hat Enterprise Linux OpenStack Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10268", "CVE-2017-10378", "CVE-2017-10379", "CVE-2017-10384", "CVE-2017-3636", "CVE-2017-3641", "CVE-2017-3651", "CVE-2017-3653", "CVE-2018-10892", "CVE-2018-10915", "CVE-2018-14620", "CVE-2018-2562", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668", "CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819"], "modified": "2018-09-19T18:06:29", "id": "RHSA-2018:2729", "href": "https://access.redhat.com/errata/RHSA-2018:2729", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database (CVE-2018-1058). Postgresql 9.6.x before 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation (CVE-2018-1115). Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects (CVE-2018-10915). It was discovered that some \"CREATE TABLE\" statements could disclose server memory (CVE-2018-10925). Fully fixing these security issues requires manual intervention. See the upstream advisories for details. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-11-15T22:04:32", "type": "mageia", "title": "Updated postgresql9.4|6 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-11-15T22:04:32", "id": "MGASA-2018-0446", "href": "https://advisories.mageia.org/MGASA-2018-0446.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:23:49", "description": "\nTwo vulnerabilities have been found in the PostgreSQL database system:\n\n\n* [CVE-2018-10915](https://security-tracker.debian.org/tracker/CVE-2018-10915)\nAndrew Krasichkov discovered that libpq did not reset all its\n connection state during reconnects.\n* [CVE-2018-10925](https://security-tracker.debian.org/tracker/CVE-2018-10925)\nIt was discovered that some CREATE TABLE statements could\n disclose server memory.\n\n\nFor additional information please refer to the upstream announcement\nat <https://www.postgresql.org/about/news/1878/>\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 9.6.10-0+deb9u1.\n\n\nWe recommend that you upgrade your postgresql-9.6 packages.\n\n\nFor the detailed security status of postgresql-9.6 please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/postgresql-9.6](https://security-tracker.debian.org/tracker/postgresql-9.6)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-08-10T00:00:00", "type": "osv", "title": "postgresql-9.6 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2022-07-21T05:49:57", "id": "OSV:DSA-4269-1", "href": "https://osv.dev/vulnerability/DSA-4269-1", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:19:15", "description": "\nAn unprivileged user of dblink or postgres\\_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a ~/.pgpass\nfile owned by the operating-system user running the server. Servers\nallowing peer authentication on local connections are particularly\nvulnerable. Other attacks such as SQL injection into a postgres\\_fdw\nsession are also possible. Attacking postgres\\_fdw in this way requires\nthe ability to create a foreign server object with selected connection\nparameters, but any user with access to dblink could exploit the\nproblem. In general, an attacker with the ability to select the\nconnection parameters for a libpq-using application could cause\nmischief, though other plausible attack scenarios are harder to think\nof. Our thanks to Andrew Krasichkov for reporting this issue.\n\n\nFor Debian 8 Jessie, this problem has been fixed in version\n9.4.19-0+deb8u1.\n\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T00:00:00", "type": "osv", "title": "postgresql-9.4 - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2022-07-21T05:52:14", "id": "OSV:DLA-1464-1", "href": "https://osv.dev/vulnerability/DLA-1464-1", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:12:38", "description": "### *Detect date*:\n08/09/2018\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities were found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information.\n\n### *Affected products*:\nPostgreSQL 10.x earlier than 10.5 \nPostgreSQL 9.6.x earlier than 9.6.10 \nPostgreSQL 9.5.x earlier than 9.5.14 \nPostgreSQL 9.4.x earlier than 9.4.19 \nPostgreSQL 9.3.x earlier than 9.3.24\n\n### *Solution*:\nUpdate to the latest version \n[Download PostgreSQL](<https://www.postgresql.org/download/windows/>)\n\n### *Original advisories*:\n[POSTGRESQL 10.5, 9.6.10, 9.5.14, 9.4.19, 9.3.24, AND 11 BETA 3 RELEASED!](<https://www.postgresql.org/about/news/1878/>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[PostgreSQL](<https://threats.kaspersky.com/en/product/PostgreSQL/>)\n\n### *CVE-IDS*:\n[CVE-2018-10915](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10915>)6.0High \n[CVE-2018-10925](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10925>)5.5High", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-09T00:00:00", "type": "kaspersky", "title": "KLA11300 Multiple vulnerabilities in PostgreSQL", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2020-06-03T00:00:00", "id": "KLA11300", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11300/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-18T11:13:52", "description": "### *Detect date*:\n05/10/2018\n\n### *Severity*:\nHigh\n\n### *Description*:\nA security bypass vulnerability was found in PostgreSQL. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a built-in module \u201cadminpack\u201d.\n\n### *Affected products*:\nPostgreSQL 10.x earlier than 10.4 \nPostgreSQL 9.6.x earlier than 9.6.9 \nPostgreSQL 9.5.x earlier than 9.5.13 \nPostgreSQL 9.4.x earlier than 9.4.18 \nPostgreSQL 9.3.x earlier than 9.3.23\n\n### *Solution*:\nUpdate to latest version \n[Download PostgreSQL](<https://www.postgresql.org/download/windows/>)\n\n### *Original advisories*:\n[PostgreSQL 10.4, 9.6.9, 9.5.13, 9.4.18, and 9.3.23 released!](<https://www.postgresql.org/about/news/1851/>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[PostgreSQL](<https://threats.kaspersky.com/en/product/PostgreSQL/>)\n\n### *CVE-IDS*:\n[CVE-2018-1115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1115>)6.4High", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T00:00:00", "type": "kaspersky", "title": "KLA11263 DoS vulnerability in PostgreSQL", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2020-06-03T00:00:00", "id": "KLA11263", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11263/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T15:30:56", "description": "Andrew Krasichkov discovered that the PostgreSQL client library incorrectly \nreset its internal state between connections. A remote attacker could \npossibly use this issue to bypass certain client-side connection security \nfeatures. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. \n(CVE-2018-10915)\n\nIt was discovered that PostgreSQL incorrectly checked authorization on \ncertain statements. A remote attacker could possibly use this issue to \nread arbitrary server memory or alter certain data. (CVE-2018-10925)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-16T00:00:00", "type": "ubuntu", "title": "PostgreSQL vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-16T00:00:00", "id": "USN-3744-1", "href": "https://ubuntu.com/security/notices/USN-3744-1", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nThe PostgreSQL project reports:\n\nCVE-2018-10915: Certain host connection parameters defeat\n\t client-side security defenses\nlibpq, the client connection API for PostgreSQL that is also used\n\t by other connection libraries, had an internal issue where it did not\n\t reset all of its connection state variables when attempting to\n\t reconnect. In particular, the state variable that determined whether\n\t or not a password is needed for a connection would not be reset, which\n\t could allow users of features requiring libpq, such as the \"dblink\" or\n\t \"postgres_fdw\" extensions, to login to servers they should not be able\n\t to access.\nCVE-2018-10925: Memory disclosure and missing authorization in\n\t `INSERT ... ON CONFLICT DO UPDATE`\nAn attacker able to issue CREATE TABLE can read arbitrary bytes of\n\t server memory using an upsert (`INSERT ... ON CONFLICT DO UPDATE`)\n\t query. By default, any user can exploit that. A user that has\n\t specific INSERT privileges and an UPDATE privilege on at least one\n\t column in a given table can also update other columns using a view and\n\t an upsert query.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-09T00:00:00", "type": "freebsd", "title": "PostgreSQL -- two vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-09T00:00:00", "id": "96EAB874-9C79-11E8-B34B-6CC21735F730", "href": "https://vuxml.freebsd.org/freebsd/96eab874-9c79-11e8-b34b-6cc21735f730.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-02-18T23:53:55", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4269-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 10, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : postgresql-9.6\nCVE ID : CVE-2018-10915 CVE-2018-10925\n\nTwo vulnerabilities have been found in the PostgreSQL database system:\n\nCVE-2018-10915\n\n Andrew Krasichkov discovered that libpq did not reset all its\n connection state during reconnects.\n\nCVE-2018-10925\n\n It was discovered that some "CREATE TABLE" statements could\n disclose server memory.\n\nFor additional information please refer to the upstream announcement\nat https://www.postgresql.org/about/news/1878/\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 9.6.10-0+deb9u1.\n\nWe recommend that you upgrade your postgresql-9.6 packages.\n\nFor the detailed security status of postgresql-9.6 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/postgresql-9.6\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-10T20:38:25", "type": "debian", "title": "[SECURITY] [DSA 4269-1] postgresql-9.6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-10T20:38:25", "id": "DEBIAN:DSA-4269-1:4963D", "href": "https://lists.debian.org/debian-security-announce/2018/msg00198.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:54:21", "description": "Package : postgresql-9.4\nVersion : 9.4.19-0+deb8u1\nCVE ID : CVE-2018-10915\n\nAn unprivileged user of dblink or postgres_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a ~/.pgpass\nfile owned by the operating-system user running the server. Servers\nallowing peer authentication on local connections are particularly\nvulnerable. Other attacks such as SQL injection into a postgres_fdw\nsession are also possible. Attacking postgres_fdw in this way requires\nthe ability to create a foreign server object with selected connection\nparameters, but any user with access to dblink could exploit the\nproblem. In general, an attacker with the ability to select the\nconnection parameters for a libpq-using application could cause\nmischief, though other plausible attack scenarios are harder to think\nof. Our thanks to Andrew Krasichkov for reporting this issue.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n9.4.19-0+deb8u1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-15T10:04:13", "type": "debian", "title": "[SECURITY] [DLA 1464-1] postgresql-9.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-15T10:04:13", "id": "DEBIAN:DLA-1464-1:8FAE2", "href": "https://lists.debian.org/debian-lts-announce/2018/08/msg00012.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-11-30T15:55:47", "description": "Package : postgresql-9.4\nVersion : 9.4.19-0+deb8u1\nCVE ID : CVE-2018-10915\n\nAn unprivileged user of dblink or postgres_fdw could bypass the checks\nintended to prevent use of server-side credentials, such as a ~/.pgpass\nfile owned by the operating-system user running the server. Servers\nallowing peer authentication on local connections are particularly\nvulnerable. Other attacks such as SQL injection into a postgres_fdw\nsession are also possible. Attacking postgres_fdw in this way requires\nthe ability to create a foreign server object with selected connection\nparameters, but any user with access to dblink could exploit the\nproblem. In general, an attacker with the ability to select the\nconnection parameters for a libpq-using application could cause\nmischief, though other plausible attack scenarios are harder to think\nof. Our thanks to Andrew Krasichkov for reporting this issue.\n\nFor Debian 8 "Jessie", this problem has been fixed in version\n9.4.19-0+deb8u1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-15T10:04:13", "type": "debian", "title": "[SECURITY] [DLA 1464-1] postgresql-9.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-15T10:04:13", "id": "DEBIAN:DLA-1464-1:9FEF5", "href": "https://lists.debian.org/debian-lts-announce/2018/08/msg00012.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2020-04-06T22:39:56", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-05T08:47:00", "type": "f5", "title": "PostgreSQL vulnerabilities CVE-2018-10915 and CVE-2018-10925", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915"], "modified": "2018-10-05T08:47:00", "id": "F5:K48209417", "href": "https://support.f5.com/csp/article/K48209417", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T18:41:37", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-14T21:14:19", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: postgresql-10.5-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-14T21:14:19", "id": "FEDORA:0F51861122EE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NILDSRUA5O7DXVC37DFF3KBOK56YMSY3/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T18:41:37", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-16T07:24:52", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: postgresql-9.6.10-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-16T07:24:52", "id": "FEDORA:F2CC660D2A1B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5O3TG4AQRQP7AH3KLCI73OTJC76DNUM6/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-12T18:23:18", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: postgresql-10.4-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-12T18:23:18", "id": "FEDORA:7FADD604D40F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NA2SLO2H3VN7ZFCC5SXF462EOCXC7Q2Q/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:01:30", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: postgresql-9.6.9-1.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:01:30", "id": "FEDORA:1EF0760608FF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:20:53", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: postgresql-9.6.9-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:20:53", "id": "FEDORA:44D0E60603F2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "photon": [{"lastseen": "2021-11-03T12:09:22", "description": "An update of {'krb5', 'postgresql'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-24T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2018-2.0-0087", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-5730"], "modified": "2018-08-24T00:00:00", "id": "PHSA-2018-2.0-0087", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-87", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:29:25", "description": "Updates of ['krb5', 'postgresql'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-08-27T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2018-0087", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-5730"], "modified": "2018-08-27T00:00:00", "id": "PHSA-2018-0087", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-87", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T08:51:21", "description": "An update of {'python2', 'strongswan', 'python3', 'postgresql'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-23T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2018-1.0-0178", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1060", "CVE-2018-1061", "CVE-2018-10811", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-23T00:00:00", "id": "PHSA-2018-1.0-0178", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-178", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:05:52", "description": "Updates of ['strongswan', 'postgresql', 'python2', 'python3'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-08-23T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2018-0178", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1060", "CVE-2018-1061", "CVE-2018-10811", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-23T00:00:00", "id": "PHSA-2018-0178", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-178", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "postgresql": [{"lastseen": "2021-07-28T14:33:18", "description": "Memory disclosure and missing authorization in INSERT ... ON CONFLICT DO UPDATE.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-09T21:29:00", "type": "postgresql", "title": "Vulnerability in core server (CVE-2018-10925)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925"], "modified": "2018-08-09T21:29:00", "id": "POSTGRESQL:CVE-2018-10925", "href": "https://www.postgresql.org/support/security/", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-07-28T14:33:18", "description": "Certain host connection parameters defeat client-side security defenses", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-09T20:29:00", "type": "postgresql", "title": "Vulnerability in client (CVE-2018-10915)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-09T20:29:00", "id": "POSTGRESQL:CVE-2018-10915", "href": "https://www.postgresql.org/support/security/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:33:18", "description": "Too-permissive access control list on function pg_logfile_rotate()", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "postgresql", "title": "Vulnerability in contrib module (CVE-2018-1115)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T19:29:00", "id": "POSTGRESQL:CVE-2018-1115", "href": "https://www.postgresql.org/support/security/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:11:07", "description": "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-08-09T21:29:00", "type": "cve", "title": "CVE-2018-10925", "cwe": ["CWE-863"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925"], "modified": "2020-08-17T19:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04"], "id": "CVE-2018-10925", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10925", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T12:10:54", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-09T20:29:00", "type": "cve", "title": "CVE-2018-10915", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2021-08-04T17:14:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:redhat:virtualization:4.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/a:redhat:openstack:12", "cpe:/a:redhat:openstack:13"], "id": "CVE-2018-10915", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10915", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T12:15:03", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "cve", "title": "CVE-2018-1115", "cwe": ["CWE-732"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2020-12-04T18:15:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2018-1115", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2021-12-14T17:51:55", "description": "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-09T21:29:00", "type": "debiancve", "title": "CVE-2018-10925", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925"], "modified": "2018-08-09T21:29:00", "id": "DEBIANCVE:CVE-2018-10925", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10925", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-12-14T17:51:55", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-09T20:29:00", "type": "debiancve", "title": "CVE-2018-10915", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-09T20:29:00", "id": "DEBIANCVE:CVE-2018-10915", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10915", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:51:55", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "debiancve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T19:29:00", "id": "DEBIANCVE:CVE-2018-1115", "href": "https://security-tracker.debian.org/tracker/CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-07-07T11:09:47", "description": "It was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-24T01:51:36", "type": "redhatcve", "title": "CVE-2018-10925", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925"], "modified": "2022-07-07T10:15:32", "id": "RH:CVE-2018-10925", "href": "https://access.redhat.com/security/cve/cve-2018-10925", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-07-07T11:09:48", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-03T03:30:52", "type": "redhatcve", "title": "CVE-2018-10915", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2022-07-07T10:15:16", "id": "RH:CVE-2018-10915", "href": "https://access.redhat.com/security/cve/cve-2018-10915", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-07T11:10:23", "description": "It was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-12T13:20:24", "type": "redhatcve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2022-07-07T10:11:38", "id": "RH:CVE-2018-1115", "href": "https://access.redhat.com/security/cve/cve-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:47:15", "description": "It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14,\n9.4.19, and 9.3.24 failed to properly check authorization on certain\nstatements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker\nwith \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes\nserver memory. If the attacker also had certain \"INSERT\" and limited\n\"UPDATE\" privileges to a particular table, they could exploit this to\nupdate other columns in the same table.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[debian](<https://launchpad.net/~debian>) | Only affects PostgreSQL 9.5 onwards\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10925", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10925"], "modified": "2018-08-09T00:00:00", "id": "UB:CVE-2018-10925", "href": "https://ubuntu.com/security/CVE-2018-10925", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-08-04T13:47:15", "description": "A vulnerability was found in libpq, the default PostgreSQL client library\nwhere libpq failed to properly reset its internal state between\nconnections. If an affected version of libpq was used with \"host\" or\n\"hostaddr\" connection parameters from untrusted input, attackers could\nbypass client-side connection security features, obtain access to higher\nprivileged connections or potentially cause other impact through SQL\ninjection, by causing the PQescape() functions to malfunction. Postgresql\nversions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-09T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10915", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-09T00:00:00", "id": "UB:CVE-2018-10915", "href": "https://ubuntu.com/security/CVE-2018-10915", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T13:49:51", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack\nextension, the pg_catalog.pg_logfile_rotate() function doesn't follow the\nsame ACLs than pg_rorate_logfile. If the adminpack is added to a database,\nan attacker able to connect to it could exploit this to force log rotation.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1115>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | 9.6 and 10 only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-10T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T00:00:00", "id": "UB:CVE-2018-1115", "href": "https://ubuntu.com/security/CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:28", "description": "[9.2.24-1]\n- update to the latest 9.2 release\n- fix CVE-2018-10915", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-23T00:00:00", "type": "oraclelinux", "title": "postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-23T00:00:00", "id": "ELSA-2018-2557", "href": "http://linux.oracle.com/errata/ELSA-2018-2557.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2022-02-27T11:50:59", "description": "**CentOS Errata and Security Advisory** CESA-2018:2557\n\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: postgresql (9.2.24). (BZ#1612667)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Andrew Krasichkov as the original reporter.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2018-August/059936.html\n\n**Affected packages:**\npostgresql\npostgresql-contrib\npostgresql-devel\npostgresql-docs\npostgresql-libs\npostgresql-plperl\npostgresql-plpython\npostgresql-pltcl\npostgresql-server\npostgresql-static\npostgresql-test\npostgresql-upgrade\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2018:2557", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-08-28T15:47:41", "type": "centos", "title": "postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915"], "modified": "2018-08-28T15:47:41", "id": "CESA-2018:2557", "href": "https://lists.centos.org/pipermail/centos-announce/2018-August/059936.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:06:06", "description": "9.6.9-alt0.M80P.1 built May 18, 2018 Alexei Takaseev in task [#205920](<https://git.altlinux.org/tasks/205920/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - (Fixes CVE-2018-1115)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-18T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 8 package postgresql9.6 version 9.6.9-alt0.M80P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-18T00:00:00", "id": "EAD4050F7D8442CA4AC68B5BD083F89C", "href": "https://packages.altlinux.org/en/p8/srpms/postgresql9.6/2261986839894094244", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:40", "description": "9.3.23-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.3.23\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.3 version 9.3.23-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "7B02354C0BC6D76C3892BF9DF91A7B2C", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.3/2263318467437155330", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:41", "description": "9.4.18-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.4.18\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.4 version 9.4.18-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "1439985FB2BBD6F818D68C0558B49CBF", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.4/2263314323701718895", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:43", "description": "9.5.13-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.5.13\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.5 version 9.5.13-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "6534D818C5F5A107890D02B31E442296", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.5/2263310052771801399", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:45", "description": "9.6.9-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.6 version 9.6.9-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "B4D0A4D27A15718EF93F1B5E22394CE9", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.6/2263305346357030828", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:38", "description": "10.4-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 10.4\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql10 version 10.4-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "AA8ACE971A07DD6AF2FE7B20E5FEC4D1", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql10/2263323205103686825", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:47", "description": "9.6.9-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.6-1C version 9.6.9-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "8DA449A8BBEDF97F8E87B61EC6E9A58E", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.6-1C/2263300752582126115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:03", "description": "10.4-alt0.M80P.1 built May 18, 2018 Alexei Takaseev in task [#205920](<https://git.altlinux.org/tasks/205920/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 10.4\n - (Fixes CVE-2018-1115)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-18T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 8 package postgresql10 version 10.4-alt0.M80P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-18T00:00:00", "id": "5DD94B5885CE9E10B1AB50DB58BF4495", "href": "https://packages.altlinux.org/en/p8/srpms/postgresql10/2262001780076876511", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ibm": [{"lastseen": "2022-06-28T22:02:43", "description": "## Summary\n\nIBM Security Access Manager Appliance has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10915](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10915>) \n**DESCRIPTION:** PostgreSQL could allow a remote attacker to bypass security restrictions, caused by an issue with improperly resting internal state in between connections in the libpq library. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass client-side connection security features. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148225> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-0732](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-0739](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability to consume excessive stack memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140847> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2019-3815](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3815>) \n**DESCRIPTION:** systemd is vulnerable to a denial of service, caused by a memory leak in the function dispatch_message_real() in journald-server.c. A local attacker could exploit this vulnerability to make systemd-journald crash. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/156227> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-3735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error while parsing an IPAdressFamily extension in an X.509 certificate. An attacker could exploit this vulnerability to trigger an out-of-bounds read, resulting in an incorrect text display of the certificate. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131047> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-13033](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13033>) \n**DESCRIPTION:** GNU Binutils is vulnerable to a denial of service, caused by an error in the _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c in GNU libiberty. By persuading a victim to open a specially crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145673> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-8945](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8945>) \n**DESCRIPTION:** GNU Binutils libbfd is vulnerable to a denial of service, caused by an error in the bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd). By using a large attribute section, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140738> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-10845](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10845>) \n**DESCRIPTION:** GnuTLS could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of HMAC-SHA-384. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to obtain information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148730> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-10844](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10844>) \n**DESCRIPTION:** GnuTLS could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of HMAC-SHA-256. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to obtain information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148731> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-5730](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5730>) \n**DESCRIPTION:** MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LDAP Kerberos database. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass DN container check. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139970> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-5729](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5729>) \n**DESCRIPTION:** MIT krb5 is vulnerable to a denial of service, caused by a NULL pointer dereference in the LDAP Kerberos database. By sending specially-crafted data, a remote authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139969> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1000301](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000301>) \n**DESCRIPTION:** curl is vulnerable to a denial of service, caused by heap-based buffer over-read. By sending a specially crafted RTSP response, a remote attacker could overflow a buffer and possibly obtain sensitive information or cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143390> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\n**CVEID:** [CVE-2018-1000122](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000122>) \n**DESCRIPTION:** curl could allow a remote attacker to obtain sensitive information, caused by a buffer over-read in the RTSP+RTP handling code. An attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140316> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\n**CVEID:** [CVE-2018-1000007](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007>) \n**DESCRIPTION:** cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw when passing on custom Authorization: headers. By sending a specially-crafted HTTP redirects request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138218> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2019-3863](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3863>) \n**DESCRIPTION:** libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in user authenticate keyboard interactive. By sending a specially crafted message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158347> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-3857](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3857>) \n**DESCRIPTION:** libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted SSH_MSG_CHANNEL_REQUEST packet with an exit signal message, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158341> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-3856](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3856>) \n**DESCRIPTION:** libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in keyboard interactive handling. By sending a specially crafted request, a remote attacker could exploit this vulnerability to trigger an out-of-bounds write and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158340> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-3855](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3855>) \n**DESCRIPTION:** libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in transport read. By sending specially crafted packets, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and execute arbitrary code on the client system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158339> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-18311](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18311>) \n**DESCRIPTION:** Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the Perl_my_setenv function. By sending a specially-crafted request, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153586> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\n**Affected IBM Security Access Manager Appliance**\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Security Access Manager | 9.0.3.0 - 9.0.5.0 \n \n## Remediation/Fixes\n\n**Product** | **VRMF** | **APAR** | **Remediation** \n---|---|---|--- \nIBM Security Access Manager | 9.0.3.0 - 9.0.5.0 | - | \n\n1\\. For versions prior to 9.0.6.0, upgrade to 9.0.6.0:\n\n[9.0.6.0-ISS-ISAM-IF0002](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.6.0&platform=Linux&function=fixId&fixids=9.0.6.0-ISS-ISAM-IF0002&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true&login=true>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n30 May 2019: First Publish\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nFixes for the following Product Records\n\nAdvisory PRID \n13192 120968 \n13963 126047 \n12976 126079 \n14006 126303 \n14095 126430 \n14107 126450 \n14927 130541 \n15000 129876 \n15746 134136\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSQRZH\",\"label\":\"IBM Security Access Manager Appliance\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"9.0.3.0;9.0.4.0;9.0.5.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSPREK\",\"label\":\"Tivoli Access Manager for e-business\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"9.0.3.0;9.0.4.0;9.0.5.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSELE6\",\"label\":\"IBM Security Access Manager for Mobile\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"9.0.3.0;9.0.4.0;9.0.5.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-30T21:45:01", "type": "ibm", "title": "Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-3735", "CVE-2018-0732", "CVE-2018-0739", "CVE-2018-1000007", "CVE-2018-1000122", "CVE-2018-1000301", "CVE-2018-10844", "CVE-2018-10845", "CVE-2018-10915", "CVE-2018-13033", "CVE-2018-18311", "CVE-2018-5729", "CVE-2018-5730", "CVE-2018-8945", "CVE-2019-3815", "CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863"], "modified": "2019-05-30T21:45:01", "id": "5A23BE34322F36780B2821378B1628B3331997E99E3A9C4B3B0067399EEBC3F5", "href": "https://www.ibm.com/support/pages/node/886247", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:04:38", "description": "## Summary\n\nIBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0124](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0124>) \n**DESCRIPTION:** Cisco Unified Communications Domain Manager could allow a remote attacker to execute arbitrary code on the system, caused by insecure key generation during application configuration. By sending arbitrary requests using the insecure key, an attacker could exploit this vulnerability to bypass security protections, gain elevated privileges and execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139282> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-0125](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0125>) \n**DESCRIPTION:** Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2015-5237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5237>) \n**DESCRIPTION:** Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in MessageLite::SerializeToString. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/105989> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2013-4517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517>) \n**DESCRIPTION:** Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/89891> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2014-3596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3596>) \n**DESCRIPTION:** Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95377> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-5784](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784>) \n**DESCRIPTION:** Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2013-2186](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186>) \n**DESCRIPTION:** Apache commons-fileupload could allow a remote attacker to overwrite arbitrary files on the system, caused by a NULL byte in the implementation of the DiskFileItem class. By sending a serialized instance of the DiskFileItem class, an attacker could exploit this vulnerability to write or overwrite arbitrary files on the system. \nCVSS Base Score: 6.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88133> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-4517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517>) \n**DESCRIPTION:** Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/89891> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-2172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2172>) \n**DESCRIPTION:** Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85323> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the con