Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-4972-1.NASL
HistoryJun 01, 2021 - 12:00 a.m.

Ubuntu 18.04 LTS / 20.04 LTS : PostgreSQL vulnerabilities (USN-4972-1)

2021-06-0100:00:00
Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
JSON

The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4972-1 advisory.

  • A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-32027)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-4972-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(150129);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/16");

  script_cve_id("CVE-2021-32027", "CVE-2021-32028", "CVE-2021-32029");
  script_xref(name:"USN", value:"4972-1");
  script_xref(name:"IAVB", value:"2021-B-0036-S");

  script_name(english:"Ubuntu 18.04 LTS / 20.04 LTS : PostgreSQL vulnerabilities (USN-4972-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple
vulnerabilities as referenced in the USN-4972-1 advisory.

  - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before
    9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users
    write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to
    data confidentiality and integrity as well as system availability. (CVE-2021-32027)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-4972-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-32027");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/06/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libecpg6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpgtypes3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpq5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-client-12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plperl-12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-plpython3-12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-pltcl-12");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-server-dev-12");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '18.04', 'pkgname': 'libecpg-compat3', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'libecpg-dev', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'libecpg6', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'libpgtypes3', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'libpq-dev', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'libpq5', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-client-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-plperl-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-plpython-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-plpython3-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-pltcl-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '18.04', 'pkgname': 'postgresql-server-dev-10', 'pkgver': '10.17-0ubuntu0.18.04.1'},
    {'osver': '20.04', 'pkgname': 'libecpg-compat3', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libecpg-dev', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libecpg6', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libpgtypes3', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libpq-dev', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'libpq5', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-client-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-plperl-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-plpython3-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-pltcl-12', 'pkgver': '12.7-0ubuntu0.20.04.1'},
    {'osver': '20.04', 'pkgname': 'postgresql-server-dev-12', 'pkgver': '12.7-0ubuntu0.20.04.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libecpg-compat3 / libecpg-dev / libecpg6 / libpgtypes3 / libpq-dev / etc');
}
VendorProductVersionCPE
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linux20.04cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonicalubuntu_linuxlibecpg-compat3p-cpe:/a:canonical:ubuntu_linux:libecpg-compat3
canonicalubuntu_linuxlibecpg-devp-cpe:/a:canonical:ubuntu_linux:libecpg-dev
canonicalubuntu_linuxlibecpg6p-cpe:/a:canonical:ubuntu_linux:libecpg6
canonicalubuntu_linuxlibpgtypes3p-cpe:/a:canonical:ubuntu_linux:libpgtypes3
canonicalubuntu_linuxlibpq-devp-cpe:/a:canonical:ubuntu_linux:libpq-dev
canonicalubuntu_linuxlibpq5p-cpe:/a:canonical:ubuntu_linux:libpq5
canonicalubuntu_linuxpostgresql-10p-cpe:/a:canonical:ubuntu_linux:postgresql-10
canonicalubuntu_linuxpostgresql-12p-cpe:/a:canonical:ubuntu_linux:postgresql-12
Rows per page:
1-10 of 211

Related

nessus 59
altlinux 15
openvas 26
ubuntu 1
suse 4
redos 8
osv 16
debian 2
mageia 1
archlinux 1
oraclelinux 6
almalinux 4
rocky 4
kaspersky 1
redhat 13
ics 1
freebsd 2
ibm 11
postgresql 3
alpinelinux 3
cve 3
prion 2
veracode 3
redhatcve 3
debiancve 3
ubuntucve 3
amazon 1
nessus
nessus
SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2021:1994-1)
2021-06-21 00:00:00
Amazon Linux 2 : postgresql (ALASPOSTGRESQL13-2023-003)
2023-09-27 00:00:00
RHEL 8 : postgresql:13 (RHSA-2021:2375)
2021-06-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package postgresql11 version 11.12-alt0.M90P.1
2021-05-24 00:00:00
Security fix for the ALT Linux 8 package postgresql12 version 12.7-alt0.M80P.1
2021-06-04 00:00:00
Security fix for the ALT Linux 9 package postgresql12-1C version 12.6-alt1.M90P.1
2021-05-24 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4915-1)
2021-05-14 00:00:00
openSUSE: Security Advisory for postgresql13 (openSUSE-SU-2021:1785-1)
2021-07-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1784-1)
2021-06-09 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2021-06-01 00:00:00
suse
suse
Security update for postgresql12 (moderate)
2021-07-10 00:00:00
Security update for postgresql13 (moderate)
2021-07-11 00:00:00
Security update for postgresql10 (moderate)
2021-07-11 00:00:00
redos
redos
ROS-2-580
2021-12-24 00:00:00
ROS-2-470
2021-09-08 00:00:00
ROS-2-544
2021-12-24 00:00:00
osv
osv
postgresql-11 - security update
2021-05-13 00:00:00
Important: postgresql:13 security update
2021-06-10 09:54:30
Important: postgresql:13 security update
2021-06-10 09:54:30
debian
debian
[SECURITY] [DSA 4915-1] postgresql-11 security update
2021-05-13 17:39:06
[SECURITY] [DLA 2662-1] postgresql-9.6 security update
2021-05-15 06:35:07
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2021-05-23 21:45:17
archlinux
archlinux
[ASA-202106-15] postgresql: multiple issues
2021-06-01 00:00:00
oraclelinux
oraclelinux
postgresql:13 security update
2021-06-11 00:00:00
postgresql:12 security update
2021-06-11 00:00:00
rh-postgresql10-postgresql security update
2021-08-23 00:00:00
almalinux
almalinux
Important: postgresql:13 security update
2021-06-10 09:54:30
Important: postgresql:12 security update
2021-06-10 08:45:14
Important: postgresql:9.6 security update
2021-06-09 11:21:04
rocky
rocky
postgresql:13 security update
2021-06-10 09:54:30
postgresql:12 security update
2021-06-10 08:45:14
postgresql:10 security update
2021-06-09 11:21:16
kaspersky
kaspersky
KLA12177 Multiple vulnerabilities in PostgreSQL
2021-05-13 00:00:00
redhat
redhat
(RHSA-2021:2396) Important: rh-postgresql13-postgresql security update
2021-06-14 07:23:36
(RHSA-2021:2375) Important: postgresql:13 security update
2021-06-10 09:54:30
(RHSA-2021:2389) Important: postgresql:12 security update
2021-06-14 07:19:46
ics
ics
Hitachi Energy MicroSCADA X DMS600
2022-10-25 12:00:00
freebsd
freebsd
PostgreSQL server -- two security issues
2021-05-13 00:00:00
PostgreSQL -- Memory disclosure in partitioned-table UPDATE ... RETURNING
2021-05-13 00:00:00
ibm
ibm
Security Bulletin: PostgreSQL as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2021-32028, CVE-2021-32027)
2021-12-03 18:41:44
Security Bulletin: Due to use of PostgreSQL, IBM Robotic Process Automation with Automation Anywhere is vulnerable to data confidentiality (CVE-2021-32029)
2022-04-01 15:07:31
Security Bulletin: PostgreSQL Sensitive Information Exposure Vulnerability Affects IBM Connect:Direct Web Services (CVE-2021-32029)
2021-11-23 04:15:36
postgresql
postgresql
Vulnerability in core server (CVE-2021-32029)
2021-10-08 17:15:00
Vulnerability in core server (CVE-2021-32028)
2021-10-11 17:15:00
Vulnerability in core server (CVE-2021-32027)
2021-06-01 14:15:00
alpinelinux
alpinelinux
CVE-2021-32029
2021-10-08 17:15:00
CVE-2021-32028
2021-10-11 17:15:00
CVE-2021-32027
2021-06-01 14:15:00
cve
cve
CVE-2021-32029
2021-10-08 17:15:00
CVE-2021-32028
2021-10-11 17:15:00
CVE-2021-32027
2021-06-01 14:15:00
prion
prion
Design/Logic Flaw
2021-10-08 17:15:00
Design/Logic Flaw
2021-10-11 17:15:00
veracode
veracode
Information Disclosure
2021-05-14 22:08:09
Information Disclosure
2021-05-14 22:08:05
Denial Of Service (DoS)
2021-05-14 22:08:11
redhatcve
redhatcve
CVE-2021-32029
2021-05-19 00:27:51
CVE-2021-32027
2021-05-19 00:27:47
CVE-2021-32028
2021-05-20 14:13:02
debiancve
debiancve
CVE-2021-32029
2021-10-08 17:15:00
CVE-2021-32028
2021-10-11 17:15:00
CVE-2021-32027
2021-06-01 14:15:00
ubuntucve
ubuntucve
CVE-2021-32029
2021-05-13 00:00:00
CVE-2021-32028
2021-05-13 00:00:00
CVE-2021-32027
2021-05-14 00:00:00
amazon
amazon
Important: postgresql96
2021-07-08 18:38:00
JSON
Related for UBUNTU_USN-4972-1.NASL
nessus59altlinux15openvas26ubuntu1suse4redos8osv16debian2mageia1archlinux1oraclelinux6almalinux4rocky4kaspersky1redhat13ics1freebsd2ibm11postgresql3alpinelinux3cve3prion2veracode3redhatcve3debiancve3ubuntucve3amazon1