CentOS 7 : postgresql (CESA-2017:3402)

2017-12-11T00:00:00

Description

An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es) : * Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql). Red Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.

{"id": "CENTOS_RHSA-2017-3402.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "CentOS 7 : postgresql (CESA-2017:3402)", "description": "An update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "published": "2017-12-11T00:00:00", "modified": "2021-01-04T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/105114", "reporter": "This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?65b722b1", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15097", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12172"], "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "immutableFields": [], "lastseen": "2021-08-19T12:34:31", "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2017-930", "ALAS-2017-931"]}, {"type": "centos", "idList": ["CESA-2017:3402"]}, {"type": "cve", "idList": ["CVE-2017-12172", "CVE-2017-15097"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-12172"]}, {"type": "fedora", "idList": ["FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:F2CC660D2A1B"]}, {"type": "ibm", "idList": ["CC5089F9744A6B5AF776C8A1234A9BCA32E0798D396B5C631C8D215B02EA08AB"]}, {"type": "kaspersky", "idList": ["KLA11147"]}, {"type": "mageia", "idList": ["MGASA-2017-0428"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-930.NASL", "ALA_ALAS-2017-931.NASL", "EULEROS_SA-2017-1340.NASL", "EULEROS_SA-2017-1341.NASL", "JUNIPER_SPACE_JSA_10838.NASL", "NEWSTART_CGSL_NS-SA-2019-0006_POSTGRESQL.NASL", "OPENSUSE-2018-38.NASL", "ORACLELINUX_ELSA-2017-3402.NASL", "PHOTONOS_PHSA-2017-0048.NASL", "POSTGRESQL_20171109.NASL", "REDHAT-RHSA-2017-3402.NASL", "SL_20171219_POSTGRESQL_ON_SL7_X.NASL", "SUSE_SU-2018-0077-1.NASL", "SUSE_SU-2018-0081-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812313", "OPENVAS:1361412562310812314", "OPENVAS:1361412562310812341", "OPENVAS:1361412562310874590", "OPENVAS:1361412562310874591", "OPENVAS:1361412562310874971", "OPENVAS:1361412562310882819", "OPENVAS:1361412562311220171340", "OPENVAS:1361412562311220171341"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-3402"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2017-12172"]}, {"type": "redhat", "idList": ["RHSA-2017:3402", "RHSA-2017:3403", "RHSA-2017:3404", "RHSA-2017:3405"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-12172", "RH:CVE-2017-15097"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12172", "UB:CVE-2017-8806"]}]}, "score": {"value": -0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-930", "ALAS-2017-931"]}, {"type": "centos", "idList": ["CESA-2017:3402"]}, {"type": "cve", "idList": ["CVE-2017-12172"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-12172"]}, {"type": "fedora", "idList": ["FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:F2CC660D2A1B"]}, {"type": "kaspersky", "idList": ["KLA11147"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-930.NASL", "ALA_ALAS-2017-931.NASL", "EULEROS_SA-2017-1340.NASL", "EULEROS_SA-2017-1341.NASL", "ORACLELINUX_ELSA-2017-3402.NASL", "POSTGRESQL_20171109.NASL", "REDHAT-RHSA-2017-3402.NASL", "SL_20171219_POSTGRESQL_ON_SL7_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310812313", "OPENVAS:1361412562310812314", "OPENVAS:1361412562310812341", "OPENVAS:1361412562310882819"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-3402"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2017-12172"]}, {"type": "redhat", "idList": ["RHSA-2017:3404"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12172"]}]}, "exploitation": null, "vulnersScore": -0.4}, "pluginID": "105114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3402 and \n# CentOS Errata and Security Advisory 2017:3402 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105114);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_xref(name:\"RHSA\", value:\"2017:3402\");\n\n script_name(english:\"CentOS 7 : postgresql (CESA-2017:3402)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts\nof PostgreSQL. An attacker with access to the postgres user account\ncould use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user\nhas write access to the postgres' home directory, such as the one in\nthe default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro\nBarbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges\nAntoine Scemama (Brainloop) as the original reporter of these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-December/022690.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?65b722b1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12172\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.23-3.el7_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "naslFamily": "CentOS Local Security Checks", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-static", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql-upgrade", "cpe:/o:centos:centos:7"], "solution": "Update the affected postgresql packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2017-12172", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2017-12-08T00:00:00", "vulnerabilityPublicationDate": "2017-11-22T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1659976447, "score": 1659904768}, "_internal": {"score_hash": "e9be02ce09e866a1c76ec487d6b5dd35"}}

{"openvas": [{"lastseen": "2020-01-27T18:34:28", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2017-1340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171340", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171340", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1340\");\n script_version(\"2020-01-23T11:07:48+0000\");\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:07:48 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:07:48 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2017-1340)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1340\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1340\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'postgresql' package(s) announced via the EulerOS-SA-2017-1340 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\");\n\n script_tag(name:\"affected\", value:\"'postgresql' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.23~3\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:54", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2017-1341)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171341", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171341", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1341\");\n script_version(\"2020-01-23T11:07:49+0000\");\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:07:49 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:07:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for postgresql (EulerOS-SA-2017-1341)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1341\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1341\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'postgresql' package(s) announced via the EulerOS-SA-2017-1341 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\");\n\n script_tag(name:\"affected\", value:\"'postgresql' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.23~3\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:51", "description": "Check the version of postgresql", "cvss3": {}, "published": "2017-12-09T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2017:3402 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882819", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882819", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2017_3402_postgresql_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for postgresql CESA-2017:3402 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882819\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-09 07:38:12 +0100 (Sat, 09 Dec 2017)\");\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for postgresql CESA-2017:3402 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of postgresql\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational\ndatabase management system (DBMS).\n\nSecurity Fix(es):\n\n * Privilege escalation flaws were found in the initialization scripts of\nPostgreSQL. An attacker with access to the postgres user account could use\nthese flaws to obtain root access on the server machine. (CVE-2017-12172,\nCVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user has\nwrite access to the postgres' home directory, such as the one in the\ndefault configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa\n(Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama\n(Brainloop) as the original reporter of these issues.\");\n script_tag(name:\"affected\", value:\"postgresql on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:3402\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-December/022690.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-static\", rpm:\"postgresql-static~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-upgrade\", rpm:\"postgresql-upgrade~9.2.23~3.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-08T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql RHSA-2017:3402-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310812341", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812341", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_3402-01_postgresql.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for postgresql RHSA-2017:3402-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812341\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-08 07:03:42 +0100 (Fri, 08 Dec 2017)\");\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for postgresql RHSA-2017:3402-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational\ndatabase management system (DBMS).\n\nSecurity Fix(es):\n\n * Privilege escalation flaws were found in the initialization scripts of\nPostgreSQL. An attacker with access to the postgres user account could use\nthese flaws to obtain root access on the server machine. (CVE-2017-12172,\nCVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user has\nwrite access to the postgres' home directory, such as the one in the\ndefault configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa\n(Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama\n(Brainloop) as the original reporter of these issues.\");\n script_tag(name:\"affected\", value:\"postgresql on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:3402-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-December/msg00011.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.23~3.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:25:15", "description": "This host is running PostgreSQL and is\n prone to a privilege escalation vulnerability.", "cvss3": {}, "published": "2017-12-04T00:00:00", "type": "openvas", "title": "PostgreSQL Privilege Escalation Vulnerability-Dec17 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310812314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812314", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL Privilege Escalation Vulnerability-Dec17 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812314\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2017-12172\");\n script_bugtraq_id(101949);\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-12-04 16:58:49 +0530 (Mon, 04 Dec 2017)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"PostgreSQL Privilege Escalation Vulnerability-Dec17 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to a privilege escalation vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists as PostgreSQL runs under a\n non-root operating system account, and database superusers have effective ability\n to run arbitrary code under that system account. PostgreSQL provides a script for\n starting the database server during system boot. Packages of PostgreSQL for many\n operating systems provide their own, packager-authored startup implementations.\n Several implementations use a log file name that the database superuser can\n replace with a symbolic link. As root, they open(), chmod() and/or chown() this\n log file name. This often suffices for the database superuser to escalate to root\n privileges when root starts the server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a local user\n to modify files on the target system.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.2.x before 9.2.24, 9.3.x\n before 9.3.20, 9.4.x before 9.4.15, 9.5.x before 9.5.10, 9.6.x before 9.6.6 and\n 10.x before 10.1.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.1 or 9.6.6\n or 9.5.10 or 9.4.15 or 9.3.20 or 9.2.24 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1801\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/support/security\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_unixoide\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.2\") {\n if(version_is_less(version:vers, test_version:\"9.2.24\")) {\n fix = \"9.2.24\";\n }\n}\n\nelse if(vers =~ \"^9\\.3\") {\n if(version_is_less(version:vers, test_version:\"9.3.20\")) {\n fix = \"9.3.20\";\n }\n}\n\nelse if(vers =~ \"^9\\.4\") {\n if(version_is_less(version:vers, test_version:\"9.4.15\")) {\n fix = \"9.4.15\";\n }\n}\n\nelse if(vers =~ \"^9\\.5\") {\n if(version_is_less(version:vers, test_version:\"9.5.10\")) {\n fix = \"9.5.10\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\") {\n if(version_is_less(version:vers, test_version:\"9.6.6\")) {\n fix = \"9.6.6\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version:\"10.1\")) {\n fix = \"10.1\";\n }\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:25:15", "description": "This host is running PostgreSQL and is\n prone to a privilege escalation vulnerability.", "cvss3": {}, "published": "2017-12-04T00:00:00", "type": "openvas", "title": "PostgreSQL Privilege Escalation Vulnerability-Dec17 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310812313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL Privilege Escalation Vulnerability-Dec17 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812313\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_cve_id(\"CVE-2017-12172\");\n script_bugtraq_id(101949);\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-12-04 16:50:41 +0530 (Mon, 04 Dec 2017)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"PostgreSQL Privilege Escalation Vulnerability-Dec17 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running PostgreSQL and is\n prone to a privilege escalation vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists as PostgreSQL runs under a\n non-root operating system account, and database superusers have effective ability\n to run arbitrary code under that system account. PostgreSQL provides a script for\n starting the database server during system boot. Packages of PostgreSQL for many\n operating systems provide their own, packager-authored startup implementations.\n Several implementations use a log file name that the database superuser can\n replace with a symbolic link. As root, they open(), chmod() and/or chown() this\n log file name. This often suffices for the database superuser to escalate to root\n privileges when root starts the server.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a local user\n to modify files on the target system.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.2.x before 9.2.24, 9.3.x\n before 9.3.20, 9.4.x before 9.4.15, 9.5.x before 9.5.10, 9.6.x before 9.6.6 and\n 10.x before 10.1.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PostgreSQL version 10.1 or 9.6.6\n or 9.5.10 or 9.4.15 or 9.3.20 or 9.2.24 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1801\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/support/security\");\n\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_windows\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(isnull(port = get_app_port(cpe:CPE)))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\nloc = infos[\"location\"];\n\nif(vers =~ \"^9\\.2\") {\n if(version_is_less(version:vers, test_version:\"9.2.24\")) {\n fix = \"9.2.24\";\n }\n}\n\nelse if(vers =~ \"^9\\.3\") {\n if(version_is_less(version:vers, test_version:\"9.3.20\")) {\n fix = \"9.3.20\";\n }\n}\n\nelse if(vers =~ \"^9\\.4\") {\n if(version_is_less(version:vers, test_version:\"9.4.15\")) {\n fix = \"9.4.15\";\n }\n}\n\nelse if(vers =~ \"^9\\.5\") {\n if(version_is_less(version:vers, test_version:\"9.5.10\")) {\n fix = \"9.5.10\";\n }\n}\n\nelse if(vers =~ \"^9\\.6\") {\n if(version_is_less(version:vers, test_version:\"9.6.6\")) {\n fix = \"9.6.6\";\n }\n}\n\nelse if(vers =~ \"^10\\.\") {\n if(version_is_less(version:vers, test_version:\"10.1\")) {\n fix = \"10.1\";\n }\n}\n\n\nif(fix) {\n report = report_fixed_ver(installed_version:vers, fixed_version:fix, install_path:loc);\n security_message(port:port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-937c789f2a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_937c789f2a_postgresql_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-937c789f2a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:38 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-937c789f2a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-937c789f2a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-bd6f9237b5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874591", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874591", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bd6f9237b5_postgresql_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-bd6f9237b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874591\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:42 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-bd6f9237b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bd6f9237b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-19T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-d8f5aea89d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2017-15097", "CVE-2018-10915"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874971", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d8f5aea89d_postgresql_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-d8f5aea89d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874971\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-19 06:51:21 +0200 (Sun, 19 Aug 2018)\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2017-15097\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-d8f5aea89d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d8f5aea89d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TG4AQRQP7AH3KLCI73OTJC76DNUM6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.10~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T12:34:35", "description": "According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2017-1341)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1341.NASL", "href": "https://www.tenable.com/plugins/nessus/105322", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105322);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-12172\",\n \"CVE-2017-15097\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2017-1341)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Privilege escalation flaws were found in the\n initialization scripts of PostgreSQL. An attacker with\n access to the postgres user account could use these\n flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1341\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06772c28\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-9.2.23-3\",\n \"postgresql-contrib-9.2.23-3\",\n \"postgresql-devel-9.2.23-3\",\n \"postgresql-docs-9.2.23-3\",\n \"postgresql-libs-9.2.23-3\",\n \"postgresql-plperl-9.2.23-3\",\n \"postgresql-plpython-9.2.23-3\",\n \"postgresql-pltcl-9.2.23-3\",\n \"postgresql-server-9.2.23-3\",\n \"postgresql-test-9.2.23-3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:23", "description": "According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : postgresql (EulerOS-SA-2017-1340)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1340.NASL", "href": "https://www.tenable.com/plugins/nessus/105321", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105321);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-12172\",\n \"CVE-2017-15097\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : postgresql (EulerOS-SA-2017-1340)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Privilege escalation flaws were found in the\n initialization scripts of PostgreSQL. An attacker with\n access to the postgres user account could use these\n flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1340\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3a35dd05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-9.2.23-3\",\n \"postgresql-contrib-9.2.23-3\",\n \"postgresql-devel-9.2.23-3\",\n \"postgresql-docs-9.2.23-3\",\n \"postgresql-libs-9.2.23-3\",\n \"postgresql-plperl-9.2.23-3\",\n \"postgresql-plpython-9.2.23-3\",\n \"postgresql-pltcl-9.2.23-3\",\n \"postgresql-server-9.2.23-3\",\n \"postgresql-test-9.2.23-3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:29", "description": "Security Fix(es) :\n\n - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-20T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql on SL7.x x86_64 (20171219)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-static", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "p-cpe:/a:fermilab:scientific_linux:postgresql-upgrade", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20171219_POSTGRESQL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/105387", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105387);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL7.x x86_64 (20171219)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - Privilege escalation flaws were found in the\n initialization scripts of PostgreSQL. An attacker with\n access to the postgres user account could use these\n flaws to obtain root access on the server machine.\n (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user\nhas write access to the postgres' home directory, such as the one in\nthe default configuration (/var/lib/pgsql).\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1712&L=scientific-linux-errata&F=&S=&P=9502\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7024ab5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-debuginfo-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.23-3.el7_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:20:35", "description": "The remote NewStart CGSL host, running version MAIN 5.04, has postgresql packages installed that are affected by multiple vulnerabilities:\n\n - Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n (CVE-2017-15097)\n\n - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n (CVE-2017-12172)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 5.04 : postgresql Multiple Vulnerabilities (NS-SA-2019-0006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0006_POSTGRESQL.NASL", "href": "https://www.tenable.com/plugins/nessus/127150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0006. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127150);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n\n script_name(english:\"NewStart CGSL MAIN 5.04 : postgresql Multiple Vulnerabilities (NS-SA-2019-0006)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 5.04, has postgresql packages installed that are affected by\nmultiple vulnerabilities:\n\n - Privilege escalation flaws were found in the Red Hat\n initialization scripts of PostgreSQL. An attacker with\n access to the postgres user account could use these\n flaws to obtain root access on the server machine.\n (CVE-2017-15097)\n\n - Privilege escalation flaws were found in the\n initialization scripts of PostgreSQL. An attacker with\n access to the postgres user account could use these\n flaws to obtain root access on the server machine.\n (CVE-2017-12172)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0006\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL postgresql packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-15097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 5.04\": [\n \"postgresql-9.2.23-3.el7_4\",\n \"postgresql-contrib-9.2.23-3.el7_4\",\n \"postgresql-debuginfo-9.2.23-3.el7_4\",\n \"postgresql-devel-9.2.23-3.el7_4\",\n \"postgresql-docs-9.2.23-3.el7_4\",\n \"postgresql-libs-9.2.23-3.el7_4\",\n \"postgresql-plperl-9.2.23-3.el7_4\",\n \"postgresql-plpython-9.2.23-3.el7_4\",\n \"postgresql-pltcl-9.2.23-3.el7_4\",\n \"postgresql-server-9.2.23-3.el7_4\",\n \"postgresql-static-9.2.23-3.el7_4\",\n \"postgresql-test-9.2.23-3.el7_4\",\n \"postgresql-upgrade-9.2.23-3.el7_4\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:37", "description": "An update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-08T00:00:00", "type": "nessus", "title": "RHEL 7 : postgresql (RHSA-2017:3402)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-static", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2017-3402.NASL", "href": "https://www.tenable.com/plugins/nessus/105092", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3402. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105092);\n script_version(\"3.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:44\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_xref(name:\"RHSA\", value:\"2017:3402\");\n\n script_name(english:\"RHEL 7 : postgresql (RHSA-2017:3402)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts\nof PostgreSQL. An attacker with access to the postgres user account\ncould use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user\nhas write access to the postgres' home directory, such as the one in\nthe default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro\nBarbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges\nAntoine Scemama (Brainloop) as the original reporter of these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:3402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-12172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-15097\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3402\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-contrib-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-debuginfo-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-devel-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-docs-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-libs-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plperl-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plpython-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-pltcl-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-server-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-static-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-test-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-upgrade-9.2.23-3.el7_4\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.23-3.el7_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:26", "description": "From Red Hat Security Advisory 2017:3402 :\n\nAn update for postgresql is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-11T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : postgresql (ELSA-2017-3402)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-static", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql-upgrade", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-3402.NASL", "href": "https://www.tenable.com/plugins/nessus/105142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:3402 and \n# Oracle Linux Security Advisory ELSA-2017-3402 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105142);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15097\");\n script_xref(name:\"RHSA\", value:\"2017:3402\");\n\n script_name(english:\"Oracle Linux 7 : postgresql (ELSA-2017-3402)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:3402 :\n\nAn update for postgresql is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nSecurity Fix(es) :\n\n* Privilege escalation flaws were found in the initialization scripts\nof PostgreSQL. An attacker with access to the postgres user account\ncould use these flaws to obtain root access on the server machine.\n(CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres\nuser. Therefore, this update works properly only if the postgres user\nhas write access to the postgres' home directory, such as the one in\nthe default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting\nCVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro\nBarbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges\nAntoine Scemama (Brainloop) as the original reporter of these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-December/007404.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-static-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.23-3.el7_4\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.23-3.el7_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:16", "description": "This update for postgresql94 fixes the following issues: Security issues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538). Bug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2018:0077-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:postgresql94", "p-cpe:/a:novell:suse_linux:postgresql94-contrib", "p-cpe:/a:novell:suse_linux:postgresql94-docs", "p-cpe:/a:novell:suse_linux:postgresql94-server", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-0077-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106047", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0077-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106047);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\");\n\n script_name(english:\"SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2018:0077-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql94 fixes the following issues: Security\nissues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in\n json{b}_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database\n administrator to modify root-owned files. This issue did\n not affect SUSE (bsc#1062538). Bug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1062538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067844\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-14.html\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12172/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15098/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180077-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d4739d63\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-postgresql94-13411=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-postgresql94-13411=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-postgresql94-13411=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libpq5-32bit-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libecpg6-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libpq5-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-contrib-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-docs-9.4.15-0.23.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"postgresql94-server-9.4.15-0.23.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:04", "description": "This update for postgresql94 fixes the following issues: Security issues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538). Bug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2018:0081-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql94", "p-cpe:/a:novell:suse_linux:postgresql94-contrib", "p-cpe:/a:novell:suse_linux:postgresql94-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql94-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql94-debugsource", "p-cpe:/a:novell:suse_linux:postgresql94-server", "p-cpe:/a:novell:suse_linux:postgresql94-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-0081-1.NASL", "href": "https://www.tenable.com/plugins/nessus/106049", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0081-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106049);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/10 13:51:46\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2018:0081-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql94 fixes the following issues: Security\nissues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in\n json{b}_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database\n administrator to modify root-owned files. This issue did\n not affect SUSE (bsc#1062538). Bug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1062538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067844\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-14.html\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12172/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-15098/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180081-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0572631b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2018-63=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-63=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-63=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2018-63=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql94-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-contrib-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-contrib-debuginfo-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-debuginfo-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-debugsource-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-server-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"postgresql94-server-debuginfo-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"postgresql94-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"postgresql94-debuginfo-9.4.15-21.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"postgresql94-debugsource-9.4.15-21.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:34:11", "description": "This update for postgresql94 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in json(b)_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. This issue did not affect SUSE (bsc#1062538).\n\nBug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2018-01-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql94 (openSUSE-2018-38)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql94", "p-cpe:/a:novell:opensuse:postgresql94-contrib", "p-cpe:/a:novell:opensuse:postgresql94-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-debugsource", "p-cpe:/a:novell:opensuse:postgresql94-devel", "p-cpe:/a:novell:opensuse:postgresql94-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql94-plperl", "p-cpe:/a:novell:opensuse:postgresql94-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-plpython", "p-cpe:/a:novell:opensuse:postgresql94-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-pltcl", "p-cpe:/a:novell:opensuse:postgresql94-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-server", "p-cpe:/a:novell:opensuse:postgresql94-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql94-test", "cpe:/o:novell:opensuse:42.2", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-38.NASL", "href": "https://www.tenable.com/plugins/nessus/106067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-38.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106067);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\");\n\n script_name(english:\"openSUSE Security Update : postgresql94 (openSUSE-2018-38)\");\n script_summary(english:\"Check for the openSUSE-2018-38 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql94 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2017-15098: Fix crash due to rowtype mismatch in\n json(b)_populate_recordset() (bsc#1067844).\n\n - CVE-2017-12172: Start scripts permit database\n administrator to modify root-owned files. This issue did\n not affect SUSE (bsc#1062538).\n\nBug fixes :\n\n - Update to version 9.4.15\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n\n - https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1062538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067844\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-14.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-14.html\"\n );\n # https://www.postgresql.org/docs/9.4/static/release-9-4-15.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.4/release-9-4-15.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql94 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql94-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-contrib-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-contrib-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-debugsource-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-devel-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-devel-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-libs-debugsource-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-plperl-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-plperl-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-plpython-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-plpython-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-pltcl-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-pltcl-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-server-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-server-debuginfo-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"postgresql94-test-9.4.15-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-contrib-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-contrib-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-debugsource-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-devel-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-devel-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-libs-debugsource-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plperl-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plperl-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plpython-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-plpython-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-pltcl-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-pltcl-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-server-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-server-debuginfo-9.4.15-15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql94-test-9.4.15-15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql94-devel / postgresql94-devel-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T01:01:56", "description": "Privilege escalation flaws were found in the initialization scripts of PostgreSQL. A remote attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.( CVE-2017-12172)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL can crash the server or disclose a few bytes of server memory.(CVE-2017-15098)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2017-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql92 / postgresql93,postgresql94 (ALAS-2017-931)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql92", "p-cpe:/a:amazon:linux:postgresql92-contrib", "p-cpe:/a:amazon:linux:postgresql92-debuginfo", "p-cpe:/a:amazon:linux:postgresql92-devel", "p-cpe:/a:amazon:linux:postgresql92-docs", "p-cpe:/a:amazon:linux:postgresql92-libs", "p-cpe:/a:amazon:linux:postgresql92-plperl", "p-cpe:/a:amazon:linux:postgresql92-plpython26", "p-cpe:/a:amazon:linux:postgresql92-plpython27", "p-cpe:/a:amazon:linux:postgresql92-pltcl", "p-cpe:/a:amazon:linux:postgresql92-server", "p-cpe:/a:amazon:linux:postgresql92-server-compat", "p-cpe:/a:amazon:linux:postgresql92-test", "p-cpe:/a:amazon:linux:postgresql93", "p-cpe:/a:amazon:linux:postgresql93-contrib", "p-cpe:/a:amazon:linux:postgresql93-debuginfo", "p-cpe:/a:amazon:linux:postgresql93-devel", "p-cpe:/a:amazon:linux:postgresql93-docs", "p-cpe:/a:amazon:linux:postgresql93-libs", "p-cpe:/a:amazon:linux:postgresql93-plperl", "p-cpe:/a:amazon:linux:postgresql93-plpython26", "p-cpe:/a:amazon:linux:postgresql93-plpython27", "p-cpe:/a:amazon:linux:postgresql93-pltcl", "p-cpe:/a:amazon:linux:postgresql93-server", "p-cpe:/a:amazon:linux:postgresql93-test", "p-cpe:/a:amazon:linux:postgresql94", "p-cpe:/a:amazon:linux:postgresql94-contrib", "p-cpe:/a:amazon:linux:postgresql94-debuginfo", "p-cpe:/a:amazon:linux:postgresql94-devel", "p-cpe:/a:amazon:linux:postgresql94-docs", "p-cpe:/a:amazon:linux:postgresql94-libs", "p-cpe:/a:amazon:linux:postgresql94-plperl", "p-cpe:/a:amazon:linux:postgresql94-plpython26", "p-cpe:/a:amazon:linux:postgresql94-plpython27", "p-cpe:/a:amazon:linux:postgresql94-server", "p-cpe:/a:amazon:linux:postgresql94-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-931.NASL", "href": "https://www.tenable.com/plugins/nessus/105055", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-931.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105055);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\");\n script_xref(name:\"ALAS\", value:\"2017-931\");\n\n script_name(english:\"Amazon Linux AMI : postgresql92 / postgresql93,postgresql94 (ALAS-2017-931)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Privilege escalation flaws were found in the initialization scripts of\nPostgreSQL. A remote attacker with access to the postgres user account\ncould use these flaws to obtain root access on the server machine.(\nCVE-2017-12172)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function\ncalls in PostgreSQL can crash the server or disclose a few bytes of\nserver memory.(CVE-2017-15098)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-931.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update postgresql92' to update your system.\n\nRun 'yum update postgresql93' to update your system.\n\nRun 'yum update postgresql94' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-server-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql92-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql93-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql94-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-contrib-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-debuginfo-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-devel-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-docs-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-libs-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plperl-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plpython26-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-plpython27-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-pltcl-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-server-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-server-compat-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql92-test-9.2.24-1.65.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-contrib-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-debuginfo-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-devel-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-docs-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-libs-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plperl-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython26-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-plpython27-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-pltcl-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-server-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql93-test-9.3.20-1.69.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-contrib-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-debuginfo-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-devel-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-docs-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-libs-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plperl-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython26-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-plpython27-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-server-9.4.15-1.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql94-test-9.4.15-1.73.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql92 / postgresql92-contrib / postgresql92-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T01:02:08", "description": "Privilege escalation flaws were found in the initialization scripts of PostgreSQL. A remote attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.(CVE-2017-12172)\n\nINSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.(CVE-2017-15099)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL can crash the server or disclose a few bytes of server memory.(CVE-2017-15098)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}, "published": "2017-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql95 / postgresql96 (ALAS-2017-930)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql95", "p-cpe:/a:amazon:linux:postgresql95-contrib", "p-cpe:/a:amazon:linux:postgresql95-debuginfo", "p-cpe:/a:amazon:linux:postgresql95-devel", "p-cpe:/a:amazon:linux:postgresql95-docs", "p-cpe:/a:amazon:linux:postgresql95-libs", "p-cpe:/a:amazon:linux:postgresql95-plperl", "p-cpe:/a:amazon:linux:postgresql95-plpython26", "p-cpe:/a:amazon:linux:postgresql95-plpython27", "p-cpe:/a:amazon:linux:postgresql95-server", "p-cpe:/a:amazon:linux:postgresql95-static", "p-cpe:/a:amazon:linux:postgresql95-test", "p-cpe:/a:amazon:linux:postgresql96", "p-cpe:/a:amazon:linux:postgresql96-contrib", "p-cpe:/a:amazon:linux:postgresql96-debuginfo", "p-cpe:/a:amazon:linux:postgresql96-devel", "p-cpe:/a:amazon:linux:postgresql96-docs", "p-cpe:/a:amazon:linux:postgresql96-libs", "p-cpe:/a:amazon:linux:postgresql96-plperl", "p-cpe:/a:amazon:linux:postgresql96-plpython26", "p-cpe:/a:amazon:linux:postgresql96-plpython27", "p-cpe:/a:amazon:linux:postgresql96-server", "p-cpe:/a:amazon:linux:postgresql96-static", "p-cpe:/a:amazon:linux:postgresql96-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-930.NASL", "href": "https://www.tenable.com/plugins/nessus/105054", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-930.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105054);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\", \"CVE-2017-15099\");\n script_xref(name:\"ALAS\", value:\"2017-930\");\n\n script_name(english:\"Amazon Linux AMI : postgresql95 / postgresql96 (ALAS-2017-930)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Privilege escalation flaws were found in the initialization scripts of\nPostgreSQL. A remote attacker with access to the postgres user account\ncould use these flaws to obtain root access on the server\nmachine.(CVE-2017-12172)\n\nINSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL disclose table\ncontents that the invoker lacks privilege to read. These exploits\naffect only tables where the attacker lacks full read access but has\nboth INSERT and UPDATE privileges. Exploits bypass row level security\npolicies and lack of SELECT privilege.(CVE-2017-15099)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function\ncalls in PostgreSQL can crash the server or disclose a few bytes of\nserver memory.(CVE-2017-15098)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-930.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update postgresql95' to update your system.\n\nRun 'yum update postgresql96' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql95-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-contrib-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-debuginfo-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-devel-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-docs-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-libs-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plperl-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython26-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-plpython27-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-server-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-static-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql95-test-9.5.10-1.77.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-contrib-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-debuginfo-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-devel-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-docs-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-libs-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plperl-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython26-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython27-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-server-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-static-9.6.6-1.79.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-test-9.6.6-1.79.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql95 / postgresql95-contrib / postgresql95-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T16:20:55", "description": "The version of PostgreSQL installed on the remote host is 9.2.x prior to 9.2.24, 9.3.x prior to 9.3.20, 9.4.x prior to 9.4.15, 9.5.x prior to 9.5.10, 9.6.x prior to 9.6.6, or 10.x prior to 10.1. It is, therefore, affected by multiple vulnerabilities including a denial of service attack.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-15T00:00:00", "type": "nessus", "title": "PostgreSQL 9.2.x < 9.2.24 / 9.3.x < 9.3.20 / 9.4.x < 9.4.15 / 9.5.x < 9.5.10 / 9.6.x < 9.6.6 / 10.x < 10.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20171109.NASL", "href": "https://www.tenable.com/plugins/nessus/104574", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104574);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-12172\", \"CVE-2017-15098\", \"CVE-2017-15099\");\n\n script_name(english:\"PostgreSQL 9.2.x < 9.2.24 / 9.3.x < 9.3.20 / 9.4.x < 9.4.15 / 9.5.x < 9.5.10 / 9.6.x < 9.6.6 / 10.x < 10.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.2.x prior\nto 9.2.24, 9.3.x prior to 9.3.20, 9.4.x prior to 9.4.15, 9.5.x prior\nto 9.5.10, 9.6.x prior to 9.6.6, or 10.x prior to 10.1. It is,\ntherefore, affected by multiple vulnerabilities including a denial of\nservice attack.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1801/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-2-24.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-3-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-4-15.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-5-10.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-9-6-6.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/current/release-10-1.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL version 9.2.24 / 9.3.20 / 9.4.15 / 9.5.10 /\n9.6.6 / 10.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12172\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgres_installed_windows.nbin\", \"postgres_installed_nix.nbin\", \"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432, \"installed_sw/PostgreSQL\");\n\n exit(0);\n}\n\ninclude('vcf_extras_postgresql.inc');\n\nvar app = 'PostgreSQL';\nvar win_local = TRUE;\n\nif (!get_kb_item('SMB/Registry/Enumerated'))\n win_local = FALSE;\n\nvar port = get_service(svc:'postgresql', default:5432);\nvar kb_base = 'database/' + port + '/postgresql/';\nvar kb_ver = NULL;\nvar kb_path = kb_base + 'version';\nvar ver = get_kb_item(kb_path);\nif (!empty_or_null(ver)) kb_ver = kb_path;\n\napp_info = vcf::postgresql::get_app_info(app:app, port:port, kb_ver:kb_ver, kb_base:kb_base, win_local:win_local);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\n# 9.2.24 / 9.3.20 / 9.4.15 / 9.5.10 / 9.6.6 / 10.1\nconstraints = [\n { \"min_version\" : \"9.2\", \"fixed_version\" : \"9.2.24\" },\n { \"min_version\" : \"9.3\", \"fixed_version\" : \"9.3.20\" },\n { \"min_version\" : \"9.4\", \"fixed_version\" : \"9.4.15\" },\n { \"min_version\" : \"9.5\", \"fixed_version\" : \"9.5.10\" },\n { \"min_version\" : \"9.6\", \"fixed_version\" : \"9.6.6\" },\n { \"min_version\" : \"10.0\", \"fixed_version\" : \"10.1\" }\n];\n\nvcf::postgresql::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:31:34", "description": "An update of [curl,glibc,postgresql] packages of photonOS has been released.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Curl / Glibc PHSA-2017-0048 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5180", "CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099", "CVE-2017-1000257"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:curl", "p-cpe:/a:vmware:photonos:glibc", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2017-0048.NASL", "href": "https://www.tenable.com/plugins/nessus/111897", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0048. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111897);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2015-5180\",\n \"CVE-2017-12172\",\n \"CVE-2017-15098\",\n \"CVE-2017-15099\",\n \"CVE-2017-1000257\"\n );\n\n script_name(english:\"Photon OS 1.0: Curl / Glibc PHSA-2017-0048 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [curl,glibc,postgresql] packages of photonOS has been\nreleased.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-88\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9bcff977\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12172\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"curl-7.54.0-5.ph1\",\n \"curl-debuginfo-7.54.0-5.ph1\",\n \"glibc-2.22-16.ph1\",\n \"glibc-devel-2.22-16.ph1\",\n \"glibc-lang-2.22-16.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / glibc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:17:22", "description": "According to its self-reported version number, the remote Junos Space version is prior to 17.2R1. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-03-21T00:00:00", "type": "nessus", "title": "Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5174", "CVE-2015-5188", "CVE-2015-5220", "CVE-2015-5304", "CVE-2015-7236", "CVE-2015-7501", "CVE-2016-2141", "CVE-2016-8743", "CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-12172", "CVE-2017-14106", "CVE-2017-15098", "CVE-2017-3167", "CVE-2017-3169", "CVE-2017-5645", "CVE-2017-5664", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9788", "CVE-2017-9798", "CVE-2018-0011", "CVE-2018-0012", "CVE-2018-0013"], "modified": "2019-06-11T00:00:00", "cpe": ["cpe:/a:juniper:junos_space"], "id": "JUNIPER_SPACE_JSA_10838.NASL", "href": "https://www.tenable.com/plugins/nessus/108520", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108520);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/06/11 15:17:50\");\n\n script_cve_id(\n \"CVE-2015-5174\",\n \"CVE-2015-5188\",\n \"CVE-2015-5220\",\n \"CVE-2015-5304\",\n \"CVE-2015-7236\",\n \"CVE-2015-7501\",\n \"CVE-2016-2141\",\n \"CVE-2016-8743\",\n \"CVE-2017-1000111\",\n \"CVE-2017-1000112\",\n \"CVE-2017-12172\",\n \"CVE-2017-14106\",\n \"CVE-2017-15098\",\n \"CVE-2017-3167\",\n \"CVE-2017-3169\",\n \"CVE-2017-5645\",\n \"CVE-2017-5664\",\n \"CVE-2017-7668\",\n \"CVE-2017-7679\",\n \"CVE-2017-9788\",\n \"CVE-2017-9798\",\n \"CVE-2018-0011\",\n \"CVE-2018-0012\",\n \"CVE-2018-0013\"\n );\n script_bugtraq_id(\n 57974,\n 76771,\n 77345,\n 78215,\n 79788,\n 83329,\n 91481,\n 95077,\n 97702,\n 98888,\n 99134,\n 99135,\n 99137,\n 99170,\n 99569,\n 100262,\n 100267,\n 100872,\n 100878,\n 101781,\n 101949\n );\n\n script_name(english:\"Juniper Junos Space < 17.2R1 Multiple Vulnerabilities (JSA10838)\");\n script_summary(english:\"Checks the version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the remote Junos Space\nversion is prior to 17.2R1. It is, therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10838\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Junos Space 17.2R1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:juniper:junos_space\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Junos_Space/version\");\n\n exit(0);\n}\n\ninclude(\"junos.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('Host/Junos_Space/version');\n\ncheck_junos_space(ver:ver, fix:'17.2R1', severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:38:45", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-08T02:19:58", "type": "redhat", "title": "(RHSA-2017:3405) Moderate: rh-postgresql96-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2018-06-12T21:28:20", "id": "RHSA-2017:3405", "href": "https://access.redhat.com/errata/RHSA-2017:3405", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:36:07", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-08T02:19:35", "type": "redhat", "title": "(RHSA-2017:3404) Moderate: rh-postgresql95-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2018-06-12T21:28:16", "id": "RHSA-2017:3404", "href": "https://access.redhat.com/errata/RHSA-2017:3404", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T04:45:11", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-08T01:35:24", "type": "redhat", "title": "(RHSA-2017:3402) Moderate: postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2018-04-11T23:33:11", "id": "RHSA-2017:3402", "href": "https://access.redhat.com/errata/RHSA-2017:3402", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:41:10", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, we dropped the --new-systemd-unit option for security reasons. Please use the root-only script postgresql-new-systemd-unit.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-08T02:19:09", "type": "redhat", "title": "(RHSA-2017:3403) Moderate: rh-postgresql94-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2018-06-12T21:28:17", "id": "RHSA-2017:3403", "href": "https://access.redhat.com/errata/RHSA-2017:3403", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:25:09", "description": "[9.2.23-3]\n- setup: keep PGSETUP_* variables after switching to not-privileged user\n[9.2.23-2]\n- fix CVE-2017-12172", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-07T00:00:00", "type": "oraclelinux", "title": "postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2017-12-07T00:00:00", "id": "ELSA-2017-3402", "href": "http://linux.oracle.com/errata/ELSA-2017-3402.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2022-02-27T11:51:21", "description": "**CentOS Errata and Security Advisory** CESA-2017:3402\n\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)\n\nNote: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres' home directory, such as the one in the default configuration (/var/lib/pgsql).\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Red Hat) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2017-December/059609.html\n\n**Affected packages:**\npostgresql\npostgresql-contrib\npostgresql-devel\npostgresql-docs\npostgresql-libs\npostgresql-plperl\npostgresql-plpython\npostgresql-pltcl\npostgresql-server\npostgresql-static\npostgresql-test\npostgresql-upgrade\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2017:3402", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-09T01:12:18", "type": "centos", "title": "postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15097"], "modified": "2017-12-09T01:12:18", "id": "CESA-2017:3402", "href": "https://lists.centos.org/pipermail/centos-announce/2017-December/059609.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T14:00:26", "description": "Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-27T20:29:00", "type": "cve", "title": "CVE-2017-15097", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097"], "modified": "2019-10-09T23:24:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.4"], "id": "CVE-2017-15097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15097", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:47:30", "description": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-22T19:29:00", "type": "cve", "title": "CVE-2017-12172", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172"], "modified": "2019-10-09T23:22:00", "cpe": ["cpe:/a:postgresql:postgresql:9.5.3", "cpe:/a:postgresql:postgresql:9.2.22", "cpe:/a:postgresql:postgresql:9.5.5", "cpe:/a:postgresql:postgresql:9.2.11", "cpe:/a:postgresql:postgresql:9.3.3", "cpe:/a:postgresql:postgresql:9.2.1", "cpe:/a:postgresql:postgresql:9.2.12", "cpe:/a:postgresql:postgresql:9.2.7", "cpe:/a:postgresql:postgresql:9.2.9", "cpe:/a:postgresql:postgresql:9.4.14", "cpe:/a:postgresql:postgresql:9.6", "cpe:/a:postgresql:postgresql:9.3.19", "cpe:/a:postgresql:postgresql:9.5.7", "cpe:/a:postgresql:postgresql:9.3.15", "cpe:/a:postgresql:postgresql:9.3.16", "cpe:/a:postgresql:postgresql:9.2.14", "cpe:/a:postgresql:postgresql:9.2.2", "cpe:/a:postgresql:postgresql:9.4.5", "cpe:/a:postgresql:postgresql:9.4", "cpe:/a:postgresql:postgresql:9.5.2", "cpe:/a:postgresql:postgresql:9.3.18", "cpe:/a:postgresql:postgresql:9.4.1", "cpe:/a:postgresql:postgresql:9.4.4", "cpe:/a:postgresql:postgresql:9.5.9", "cpe:/a:postgresql:postgresql:9.3.13", "cpe:/a:postgresql:postgresql:9.2.16", "cpe:/a:postgresql:postgresql:9.5", "cpe:/a:postgresql:postgresql:9.2.21", "cpe:/a:postgresql:postgresql:9.4.10", "cpe:/a:postgresql:postgresql:9.2.19", "cpe:/a:postgresql:postgresql:9.2.10", "cpe:/a:postgresql:postgresql:9.2.8", "cpe:/a:postgresql:postgresql:9.6.2", "cpe:/a:postgresql:postgresql:9.6.3", "cpe:/a:postgresql:postgresql:9.2.4", "cpe:/a:postgresql:postgresql:9.5.4", "cpe:/a:postgresql:postgresql:9.2", "cpe:/a:postgresql:postgresql:9.3.9", "cpe:/a:postgresql:postgresql:9.2.20", "cpe:/a:postgresql:postgresql:9.3.1", "cpe:/a:postgresql:postgresql:10", "cpe:/a:postgresql:postgresql:9.4.3", "cpe:/a:postgresql:postgresql:9.4.12", "cpe:/a:postgresql:postgresql:9.3.17", "cpe:/a:postgresql:postgresql:9.2.6", "cpe:/a:postgresql:postgresql:9.2.13", "cpe:/a:postgresql:postgresql:9.3.10", "cpe:/a:postgresql:postgresql:9.6.1", "cpe:/a:postgresql:postgresql:9.3.14", "cpe:/a:postgresql:postgresql:9.2.5", "cpe:/a:postgresql:postgresql:9.3", "cpe:/a:postgresql:postgresql:9.3.12", "cpe:/a:postgresql:postgresql:9.2.17", "cpe:/a:postgresql:postgresql:9.4.8", "cpe:/a:postgresql:postgresql:9.3.11", "cpe:/a:postgresql:postgresql:9.6.5", "cpe:/a:postgresql:postgresql:9.4.13", "cpe:/a:postgresql:postgresql:9.2.15", "cpe:/a:postgresql:postgresql:9.5.8", "cpe:/a:postgresql:postgresql:9.5.1", "cpe:/a:postgresql:postgresql:9.5.6", "cpe:/a:postgresql:postgresql:9.4.9", "cpe:/a:postgresql:postgresql:9.3.6", "cpe:/a:postgresql:postgresql:9.3.2", "cpe:/a:postgresql:postgresql:9.2.3", "cpe:/a:postgresql:postgresql:9.6.4", "cpe:/a:postgresql:postgresql:9.4.2", "cpe:/a:postgresql:postgresql:9.2.18", "cpe:/a:postgresql:postgresql:9.3.8", "cpe:/a:postgresql:postgresql:9.4.11", "cpe:/a:postgresql:postgresql:9.4.7", "cpe:/a:postgresql:postgresql:9.2.23", "cpe:/a:postgresql:postgresql:9.3.5", "cpe:/a:postgresql:postgresql:9.4.6", "cpe:/a:postgresql:postgresql:9.3.4", "cpe:/a:postgresql:postgresql:9.3.7"], "id": "CVE-2017-12172", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12172", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.19:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.14:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.17:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.19:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.23:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.21:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.18:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.2.22:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-07-07T11:11:25", "description": "Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-03T16:27:44", "type": "redhatcve", "title": "CVE-2017-15097", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097"], "modified": "2022-07-07T09:09:15", "id": "RH:CVE-2017-15097", "href": "https://access.redhat.com/security/cve/cve-2017-15097", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:11:36", "description": "Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-10T15:49:28", "type": "redhatcve", "title": "CVE-2017-12172", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172"], "modified": "2022-07-07T08:52:17", "id": "RH:CVE-2017-12172", "href": "https://access.redhat.com/security/cve/cve-2017-12172", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "postgresql": [{"lastseen": "2021-07-28T14:33:18", "description": "Start scripts permit database administrator to modify root-owned files", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-11-22T19:29:00", "type": "postgresql", "title": "Vulnerability in contrib module (CVE-2017-12172)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172"], "modified": "2017-11-22T19:29:00", "id": "POSTGRESQL:CVE-2017-12172", "href": "https://www.postgresql.org/support/security/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:54:37", "description": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x\nbefore 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a\nnon-root operating system account, and database superusers have effective\nability to run arbitrary code under that system account. PostgreSQL\nprovides a script for starting the database server during system boot.\nPackages of PostgreSQL for many operating systems provide their own,\npackager-authored startup implementations. Several implementations use a\nlog file name that the database superuser can replace with a symbolic link.\nAs root, they open(), chmod() and/or chown() this log file name. This often\nsuffices for the database superuser to escalate to root privileges when\nroot starts the server.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | this script isn't installed by the packaging\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-22T00:00:00", "type": "ubuntucve", "title": "CVE-2017-12172", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172"], "modified": "2017-11-22T00:00:00", "id": "UB:CVE-2017-12172", "href": "https://ubuntu.com/security/CVE-2017-12172", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T13:55:12", "description": "The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts,\nas distributed in the Debian postgresql-common package before 181+deb9u1\nfor PostgreSQL (and other packages related to Debian and Ubuntu), handled\nsymbolic links insecurely, which could result in local denial of service by\noverwriting arbitrary files.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/postgresql-common/+bug/1727209>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | PostgreSQL will use CVE-2017-12172 for contrib/start-scripts This is related to CVE-2016-1255\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-11-09T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8806", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1255", "CVE-2017-12172", "CVE-2017-8806"], "modified": "2017-11-09T00:00:00", "id": "UB:CVE-2017-8806", "href": "https://ubuntu.com/security/CVE-2017-8806", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:P"}}], "debiancve": [{"lastseen": "2021-12-14T17:51:55", "description": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-11-22T19:29:00", "type": "debiancve", "title": "CVE-2017-12172", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172"], "modified": "2017-11-22T19:29:00", "id": "DEBIANCVE:CVE-2017-12172", "href": "https://security-tracker.debian.org/tracker/CVE-2017-12172", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:01:30", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: postgresql-9.6.9-1.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:01:30", "id": "FEDORA:1EF0760608FF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:20:53", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: postgresql-9.6.9-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:20:53", "id": "FEDORA:44D0E60603F2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:37", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2018-08-16T07:24:52", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: postgresql-9.6.10-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-10915", "CVE-2018-10925"], "modified": "2018-08-16T07:24:52", "id": "FEDORA:F2CC660D2A1B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5O3TG4AQRQP7AH3KLCI73OTJC76DNUM6/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2021-07-29T02:02:17", "description": "**Issue Overview:**\n\nPrivilege escalation flaws were found in the initialization scripts of PostgreSQL. A remote attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.( CVE-2017-12172)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL can crash the server or disclose a few bytes of server memory.(CVE-2017-15098)\n\n \n**Affected Packages:** \n\n\npostgresql92, postgresql93, postgresql94\n\n \n**Issue Correction:** \nRun _yum update postgresql92_ to update your system. \nRun _yum update postgresql93_ to update your system. \nRun _yum update postgresql94_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql92-plperl-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-debuginfo-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-server-compat-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-plpython27-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-devel-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-server-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-libs-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-contrib-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-test-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-pltcl-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-plpython26-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql92-docs-9.2.24-1.65.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.15-1.73.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-9.3.20-1.69.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.20-1.69.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-1.65.amzn1.src \n \u00a0\u00a0\u00a0 postgresql94-9.4.15-1.73.amzn1.src \n \u00a0\u00a0\u00a0 postgresql93-9.3.20-1.69.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql92-docs-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plpython27-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-test-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-server-compat-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-pltcl-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plperl-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-devel-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-server-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-libs-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-contrib-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-plpython26-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql92-debuginfo-9.2.24-1.65.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-contrib-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plperl-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-devel-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-server-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-libs-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plpython26-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-debuginfo-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-plpython27-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-test-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql94-docs-9.4.15-1.73.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-server-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-devel-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-test-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plperl-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython27-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-docs-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-pltcl-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-contrib-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-plpython26-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-libs-9.3.20-1.69.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql93-debuginfo-9.3.20-1.69.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-12-05T22:19:00", "type": "amazon", "title": "Medium: postgresql92, postgresql93, postgresql94", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098"], "modified": "2017-12-06T21:36:00", "id": "ALAS-2017-931", "href": "https://alas.aws.amazon.com/ALAS-2017-931.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-29T02:02:19", "description": "**Issue Overview:**\n\nPrivilege escalation flaws were found in the initialization scripts of PostgreSQL. A remote attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.(CVE-2017-12172)\n\nINSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.(CVE-2017-15099)\n\nInvalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL can crash the server or disclose a few bytes of server memory.(CVE-2017-15098)\n\n \n**Affected Packages:** \n\n\npostgresql95, postgresql96\n\n \n**Issue Correction:** \nRun _yum update postgresql95_ to update your system. \nRun _yum update postgresql96_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.10-1.77.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-9.6.6-1.79.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.6-1.79.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql95-9.5.10-1.77.amzn1.src \n \u00a0\u00a0\u00a0 postgresql96-9.6.6-1.79.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql95-server-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-devel-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-contrib-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-static-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython27-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-libs-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-docs-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plpython26-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-plperl-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-debuginfo-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql95-test-9.5.10-1.77.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.6-1.79.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.6-1.79.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-12-05T22:18:00", "type": "amazon", "title": "Medium: postgresql95, postgresql96", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099"], "modified": "2017-12-06T21:35:00", "id": "ALAS-2017-930", "href": "https://alas.aws.amazon.com/ALAS-2017-930.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:15:46", "description": "### *Detect date*:\n11/09/2017\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in PostgreSQL. Vulnerabilities in core server and contrib module components can be exploit remotely to gain privileges.\n\n### *Affected products*:\nPostgreSQL 9.2 earlier than 9.2.24 \nPostgreSQL 9.3 earlier than 9.3.20 \nPostgreSQL 9.5 earlier than 9.5.10 \nPostgreSQL 9.6 earlier than 9.6.6 \nPostgreSQL 10 earlier than 10.1\n\n### *Solution*:\nUpdate to the latest version \n[Download PostgreSQL](<https://www.postgresql.org/download/>)\n\n### *Original advisories*:\n[Security Information](<https://www.postgresql.org/support/security/>) \n\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[PostgreSQL](<https://threats.kaspersky.com/en/product/PostgreSQL/>)\n\n### *CVE-IDS*:\n[CVE-2017-12172](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12172>)7.2High \n[CVE-2017-15098](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15098>)5.5High \n[CVE-2017-15099](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15099>)4.0Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2017-11-09T00:00:00", "type": "kaspersky", "title": "KLA11147 Multiple vulnerabilities in PostgreSQL", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099"], "modified": "2020-06-03T00:00:00", "id": "KLA11147", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11147/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "The startup log file for the postmaster (in newer releases, \"postgres\") process was opened while the process was still owned by root. With this setup, the database owner could specify a file that they did not have access to and cause the file to be corrupted with logged data (CVE-2017-12172). Crash due to rowtype mismatch in json{b}_populate_recordset(). These functions used the result rowtype specified in the FROM ... AS clause without checking that it matched the actual rowtype of the supplied tuple value. If it didn't, that would usually result in a crash, though disclosure of server memory contents seems possible as well (CVE-2017-15098). The \"INSERT ... ON CONFLICT DO UPDATE\" would not check to see if the executing user had permission to perform a \"SELECT\" on the index performing the conflicting check. Additionally, in a table with row-level security enabled, the \"INSERT ... ON CONFLICT DO UPDATE\" would not check the SELECT policies for that table before performing the update (CVE-2017-15099). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2017-11-29T18:52:42", "type": "mageia", "title": "Updated postgresql packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12172", "CVE-2017-15098", "CVE-2017-15099"], "modified": "2017-11-29T18:52:42", "id": "MGASA-2017-0428", "href": "https://advisories.mageia.org/MGASA-2017-0428.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ibm": [{"lastseen": "2022-06-28T22:02:40", "description": "## Summary\n\nMultiple Security vulnerabilities have been fixed in the 9.0.7 IBM Security Access Manager (ISAM) appliance.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0732](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS handshake. By spending an unreasonably long period of time generating a key for this prime, a remote attacker could exploit this vulnerability to cause the client to hang. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144658> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-0739](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability to consume excessive stack memory. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140847> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-3735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3735>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error while parsing an IPAdressFamily extension in an X.509 certificate. An attacker could exploit this vulnerability to trigger an out-of-bounds read, resulting in an incorrect text display of the certificate. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131047> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-4152](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4152>) \n**DESCRIPTION:** IBM Security Access Manager Appliance does not invalidate session tokens in a timely manner. The lack of proper session expiration may allow attackers with local access to login into a closed browser session. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158515> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2019-4151](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4151>) \n**DESCRIPTION:** IBM Security Access Manager Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158512> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2019-4150](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4150>) \n**DESCRIPTION:** IBM Security Access Manager Appliance does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158510> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2019-4153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4153>) \n**DESCRIPTION:** IBM Security Access Manager Appliance could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. \nCVSS Base Score: 6.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158517> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2019-4156](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4156>) \n**DESCRIPTION:** IBM Security Access Manager Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158572> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2019-4157](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4157>) \n**DESCRIPTION:** IBM Security Access Manager Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158573> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2019-4158](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4158>) \n**DESCRIPTION:** IBM Security Access Manager Appliance does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. \nCVSS Base Score: 5.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158574> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2019-5953](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5953>) \n**DESCRIPTION:** GNU Wget is vulnerable to a buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/159154> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-9636](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636>) \n**DESCRIPTION:** Python urllib.parse.urlsplit and urllib.parse.urlparse components could allow a remote attacker to obtain sensitive information, caused by improper unicode encoding handling in NFKC normalization. By using a specially-crafted URL, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158114> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2019-4135](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4135>) \n**DESCRIPTION:** IBM Security Access Manager Appliance is affected by a security vulnerability that could allow authenticated users to impersonate other users. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158331> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2013-2197](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2197>) \n**DESCRIPTION:** Login Security module for Drupal is vulnerable to a denial of service caused by an error when the delay feature is configured. A remote attacker could exploit this vulnerability by frequent or concurrent failed attempts to login which can cause the application to crash. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85134> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2016-10542](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10542>) \n**DESCRIPTION:** Node.js ws module is vulnerable to a denial of service, caused by improper size limitation of payload. By sending a large payload, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149138> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-5725](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5725>) \n**DESCRIPTION:** JSch could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to the implementation for recursive sftp-get containing \"dot dot\" sequences (/../) to download the malicious files outside the client download base directory. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117122> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-16850](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16850>) \n**DESCRIPTION:** PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to view, add, modify or delete information in the back-end database. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152915> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7546](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7546>) \n**DESCRIPTION:** PostgreSQL could allow a remote attacker to bypass security restrictions, caused by a flaw in the libpq. By setting an empty password, an attacker could exploit this vulnerability to bypass access restrictions and log in to the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130240> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2017-12172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12172>) \n**DESCRIPTION:** PostgreSQL could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in the start scripts. By creating a symbolic link from the $PGLOG file to a critical file, an attacker could exploit this vulnerability to modify root-owned files. \nCVSS Base Score: 7.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134712> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-7048](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7048>) \n**DESCRIPTION:** PostgreSQL could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Interactive installer. By persuading victim to download a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148749> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-0766](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0766>) \n**DESCRIPTION:** PostgreSQL could allow a remote authenticated attacker to gain elevated privileges on the system, caused by the failure to restrict configuration settings (GUCS) for PL/Java. By modifying the settings, an attacker could exploit this vulnerability to gain elevated privileges on the system. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110627> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2019-4145](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4145>) \n**DESCRIPTION:** IBM Security Access Manager Appliance could reveal highly sensitive in specialized conditions to a local user which could be used in further attacks against the system. \nCVSS Base Score: 7.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158400> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n## Affected Products and Versions\n\nISAM 9.0.1, 9.0.2 9.0.3, 9.0.4, 9.0.5, 9.0.6\n\nISAM Appliance 9.0.1, 9.0.2 9.0.3, 9.0.4, 9.0.5, 9.0.6\n\n## Remediation/Fixes\n\nProduct | VRMF | Remediation/First Fix \n---|---|--- \nISAM | 9.0.1 -9.0.6 | [ISAM 9.0.7.0](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/Tivoli+Access+Manager+for+e-business&release=9.0.5.0&platform=Linux&function=fixId&fixids=9.0.7-ISS-ISAM-FP0000&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true&login=true>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nIBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza, Matt McCarty, Vincent Dragnea, Troy Fisher, Nathan Roane\n\n## Change History\n\n21 June 2019: First version published.\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Internal Use Only\n\nAdvisories: 13963, 15533, 15534, 15535, 15537, 15575, 15576, 15577, 15578, 13128, 15499, 14228, 16424, 15876, 15392, 15500, 15501\n\nProduct Records: 126047, 133096, 133097, 133098 133099, 133266, 133267 133268, 133269,130313, 132944, 127298, 137192, 134825, 132173, 123945, 132947\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSZU8Q\",\"label\":\"IBM Security Access Manager\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"9.0.1;9.0.2;9.0.3;9.0.4;9.0.5;9.0.6\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSQRZH\",\"label\":\"IBM Security Access Manager Appliance\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"9.0.1;9.0.2;9.0.3;9.0.4;9.0.5;9.0.6\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-06-21T20:05:01", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Access Manager Appliance", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2197", "CVE-2016-0766", "CVE-2016-10542", "CVE-2016-5725", "CVE-2016-7048", "CVE-2017-12172", "CVE-2017-3735", "CVE-2017-7546", "CVE-2018-0732", "CVE-2018-0739", "CVE-2018-16850", "CVE-2019-4135", "CVE-2019-4145", "CVE-2019-4150", "CVE-2019-4151", "CVE-2019-4152", "CVE-2019-4153", "CVE-2019-4156", "CVE-2019-4157", "CVE-2019-4158", "CVE-2019-5953", "CVE-2019-9636"], "modified": "2019-06-21T20:05:01", "id": "CC5089F9744A6B5AF776C8A1234A9BCA32E0798D396B5C631C8D215B02EA08AB", "href": "https://www.ibm.com/support/pages/node/888379", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}