Search...

Debian Security Advisory DSA 2418-1 (postgresql-8.4)

2012-03-12T00:00:00

ID OPENVAS:136141256231071146
Type openvas
Reporter Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
Modified 2019-03-18T00:00:00

Description

The remote host is missing an update to postgresql-8.4 announced via advisory DSA 2418-1.

                                        
                                            # OpenVAS Vulnerability Test
# $Id: deb_2418_1.nasl 14275 2019-03-18 14:39:45Z cfischer $
# Description: Auto-generated from advisory DSA 2418-1 (postgresql-8.4)
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.71146");
  script_cve_id("CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_version("$Revision: 14275 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $");
  script_tag(name:"creation_date", value:"2012-03-12 11:32:17 -0400 (Mon, 12 Mar 2012)");
  script_name("Debian Security Advisory DSA 2418-1 (postgresql-8.4)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
  script_family("Debian Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB6");
  script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202418-1");
  script_tag(name:"insight", value:"Several local vulnerabilities have been discovered in PostgreSQL, an
object-relational SQL database. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2012-0866

It was discovered that the permissions of a function called by a
trigger are not checked. This could result in privilege escalation.

CVE-2012-0867

It was discovered that only the first 32 characters of a host name
are checked when validating host names through SSL certificates.
This could result in spoofing the connection in limited
circumstances.

CVE-2012-0868

It was discovered that pg_dump did not sanitise object names.
This could result in arbitrary SQL command execution if a
malformed dump file is opened.

For the stable distribution (squeeze), this problem has been fixed in
version 8.4.11-0squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 8.4.11-1.");

  script_tag(name:"solution", value:"We recommend that you upgrade your postgresql-8.4 packages.");
  script_tag(name:"summary", value:"The remote host is missing an update to postgresql-8.4
announced via advisory DSA 2418-1.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

res = "";
report = "";
if((res = isdpkgvuln(pkg:"libecpg-compat3", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"libecpg-dev", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"libecpg6", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"libpgtypes3", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"libpq-dev", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"libpq5", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-client", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-client-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-contrib", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-contrib-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-doc", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-doc-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-plperl-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-plpython-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-pltcl-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}
if((res = isdpkgvuln(pkg:"postgresql-server-dev-8.4", ver:"8.4.11-0squeeze1", rls:"DEB6")) != NULL) {
  report += res;
}

if(report != "") {
  security_message(data:report);
} else if (__pkg_match) {
  exit(99);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:136141256231071146", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 2418-1 (postgresql-8.4)", "description": "The remote host is missing an update to postgresql-8.4\nannounced via advisory DSA 2418-1.", "published": "2012-03-12T00:00:00", "modified": "2019-03-18T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071146", "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "references": ["https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202418-1"], "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "lastseen": "2019-05-29T18:38:47", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-0868", "CVE-2012-0867", "CVE-2012-0866"]}, {"type": "ubuntu", "idList": ["USN-1378-1"]}, {"type": "centos", "idList": ["CESA-2012:0678", "CESA-2012:0677"]}, {"type": "redhat", "idList": ["RHSA-2012:0677", "RHSA-2012:0678"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0677", "ELSA-2012-1037", "ELSA-2012-0678"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12234", "SECURITYVULNS:DOC:27726"]}, {"type": "freebsd", "idList": ["174B8864-6237-11E1-BE18-14DAE938EC40"]}, {"type": "amazon", "idList": ["ALAS-2012-082"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2418-1:BCB26"]}, {"type": "fedora", "idList": ["FEDORA:D603620A52", "FEDORA:4F98D20FC9", "FEDORA:9A8E620A7B", "FEDORA:BAE1220E52", "FEDORA:9467F210F8", "FEDORA:6E94E22587", "FEDORA:3EA7E20EC6"]}, {"type": "seebug", "idList": ["SSV:30152"]}, {"type": "openvas", "idList": ["OPENVAS:71146", "OPENVAS:1361412562310863762", "OPENVAS:864388", "OPENVAS:881063", "OPENVAS:840921", "OPENVAS:1361412562310870595", "OPENVAS:71164", "OPENVAS:864094", "OPENVAS:1361412562310864388", "OPENVAS:136141256231071164"]}, {"type": "nessus", "idList": ["FEDORA_2012-2591.NASL", "FREEBSD_PKG_174B8864623711E1BE1814DAE938EC40.NASL", "FEDORA_2012-2508.NASL", "MANDRIVA_MDVSA-2012-026.NASL", "DEBIAN_DSA-2418.NASL", "REDHAT-RHSA-2012-0678.NASL", "ALA_ALAS-2012-82.NASL", "SL_20120521_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "POSTGRESQL_20120227.NASL", "CENTOS_RHSA-2012-0678.NASL"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2012-0866", "POSTGRESQL:CVE-2012-0868", "POSTGRESQL:CVE-2012-0867"]}, {"type": "gentoo", "idList": ["GLSA-201209-24"]}], "modified": "2019-05-29T18:38:47", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2019-05-29T18:38:47", "rev": 2}, "vulnersScore": 7.7}, "pluginID": "136141256231071146", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2418_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2418-1 (postgresql-8.4)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71146\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:32:17 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Debian Security Advisory DSA 2418-1 (postgresql-8.4)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202418-1\");\n script_tag(name:\"insight\", value:\"Several local vulnerabilities have been discovered in PostgreSQL, an\nobject-relational SQL database. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2012-0866\n\nIt was discovered that the permissions of a function called by a\ntrigger are not checked. This could result in privilege escalation.\n\nCVE-2012-0867\n\nIt was discovered that only the first 32 characters of a host name\nare checked when validating host names through SSL certificates.\nThis could result in spoofing the connection in limited\ncircumstances.\n\nCVE-2012-0868\n\nIt was discovered that pg_dump did not sanitise object names.\nThis could result in arbitrary SQL command execution if a\nmalformed dump file is opened.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.4.11-0squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 8.4.11-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your postgresql-8.4 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to postgresql-8.4\nannounced via advisory DSA 2418-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libecpg6\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libpq5\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-client\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-client-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-contrib\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-contrib-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-doc\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-doc-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-plperl-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-plpython-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-pltcl-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"postgresql-server-dev-8.4\", ver:\"8.4.11-0squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "naslFamily": "Debian Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T05:59:46", "description": "CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.", "edition": 4, "cvss3": {}, "published": "2012-07-18T23:55:00", "title": "CVE-2012-0866", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0866"], "modified": "2016-12-08T03:02:00", "cpe": ["cpe:/a:postgresql:postgresql:9.0.1", "cpe:/a:postgresql:postgresql:9.0.4", "cpe:/a:postgresql:postgresql:8.4.8", "cpe:/a:postgresql:postgresql:8.4.4", "cpe:/a:postgresql:postgresql:9.1.1", "cpe:/a:postgresql:postgresql:8.3.7", "cpe:/a:postgresql:postgresql:8.3.12", "cpe:/a:postgresql:postgresql:8.3.1", "cpe:/a:postgresql:postgresql:9.0.3", "cpe:/a:postgresql:postgresql:9.1", "cpe:/a:postgresql:postgresql:8.3.11", "cpe:/a:postgresql:postgresql:9.1.2", "cpe:/a:postgresql:postgresql:8.4.7", "cpe:/a:postgresql:postgresql:9.0.2", "cpe:/a:postgresql:postgresql:8.3.6", "cpe:/a:postgresql:postgresql:8.3.17", "cpe:/a:postgresql:postgresql:8.4.9", "cpe:/a:postgresql:postgresql:8.3.13", "cpe:/a:postgresql:postgresql:8.3", "cpe:/a:postgresql:postgresql:8.3.8", "cpe:/a:postgresql:postgresql:8.4.3", "cpe:/a:postgresql:postgresql:8.4.5", "cpe:/a:postgresql:postgresql:8.4.10", "cpe:/a:postgresql:postgresql:8.4.6", "cpe:/a:postgresql:postgresql:8.3.10", "cpe:/a:postgresql:postgresql:9.0", "cpe:/a:postgresql:postgresql:8.4.2", "cpe:/a:postgresql:postgresql:9.0.5", "cpe:/a:postgresql:postgresql:8.3.3", "cpe:/a:postgresql:postgresql:8.3.14", "cpe:/a:postgresql:postgresql:8.3.16", "cpe:/a:postgresql:postgresql:9.0.6", "cpe:/a:postgresql:postgresql:8.3.4", "cpe:/a:postgresql:postgresql:8.3.2", "cpe:/a:postgresql:postgresql:8.4", "cpe:/a:postgresql:postgresql:8.3.9", "cpe:/a:postgresql:postgresql:8.3.5", "cpe:/a:postgresql:postgresql:8.4.1", "cpe:/a:postgresql:postgresql:8.3.15"], "id": "CVE-2012-0866", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0866", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:59:46", "description": "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", "edition": 4, "cvss3": {}, "published": "2012-07-18T23:55:00", "title": "CVE-2012-0867", "type": "cve", "cwe": ["CWE-20", "CWE-295"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0867"], "modified": "2016-12-07T19:56:00", "cpe": ["cpe:/a:postgresql:postgresql:9.0.1", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/a:postgresql:postgresql:9.0.4", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/a:postgresql:postgresql:8.4.8", "cpe:/a:postgresql:postgresql:8.4.4", "cpe:/o:opensuse_project:opensuse:12.2", "cpe:/a:postgresql:postgresql:9.1.1", "cpe:/a:postgresql:postgresql:9.0.3", "cpe:/a:postgresql:postgresql:9.1", "cpe:/a:postgresql:postgresql:9.1.2", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/a:postgresql:postgresql:8.4.7", "cpe:/a:postgresql:postgresql:9.0.2", "cpe:/o:redhat:enterprise_linux_server_aus:6.2", "cpe:/a:postgresql:postgresql:8.4.9", "cpe:/a:postgresql:postgresql:8.4.3", "cpe:/a:postgresql:postgresql:8.4.5", "cpe:/a:postgresql:postgresql:8.4.10", "cpe:/a:postgresql:postgresql:8.4.6", "cpe:/a:postgresql:postgresql:9.0", "cpe:/a:postgresql:postgresql:8.4.2", "cpe:/a:postgresql:postgresql:9.0.5", "cpe:/o:redhat:enterprise_linux_hpc_node:6.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/a:postgresql:postgresql:9.0.6", "cpe:/o:redhat:enterprise_linux_server_eus:6.2.z", "cpe:/a:postgresql:postgresql:8.4", "cpe:/a:postgresql:postgresql:8.4.1", "cpe:/o:redhat:desktop_workstation:5"], "id": "CVE-2012-0867", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0867", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse_project:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:desktop_workstation:5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:59:46", "description": "CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.", "edition": 4, "cvss3": {}, "published": "2012-07-18T23:55:00", "title": "CVE-2012-0868", "type": "cve", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0868"], "modified": "2016-12-08T03:02:00", "cpe": ["cpe:/a:postgresql:postgresql:9.0.1", "cpe:/a:postgresql:postgresql:9.0.4", "cpe:/a:postgresql:postgresql:8.4.8", "cpe:/a:postgresql:postgresql:8.4.4", "cpe:/a:postgresql:postgresql:9.1.1", "cpe:/a:postgresql:postgresql:8.3.7", "cpe:/a:postgresql:postgresql:8.3.12", "cpe:/a:postgresql:postgresql:8.3.1", "cpe:/a:postgresql:postgresql:9.0.3", "cpe:/a:postgresql:postgresql:9.1", "cpe:/a:postgresql:postgresql:8.3.11", "cpe:/a:postgresql:postgresql:9.1.2", "cpe:/a:postgresql:postgresql:8.4.7", "cpe:/a:postgresql:postgresql:9.0.2", "cpe:/a:postgresql:postgresql:8.3.6", "cpe:/a:postgresql:postgresql:8.3.17", "cpe:/a:postgresql:postgresql:8.4.9", "cpe:/a:postgresql:postgresql:8.3.13", "cpe:/a:postgresql:postgresql:8.3", "cpe:/a:postgresql:postgresql:8.3.8", "cpe:/a:postgresql:postgresql:8.4.3", "cpe:/a:postgresql:postgresql:8.4.5", "cpe:/a:postgresql:postgresql:8.4.10", "cpe:/a:postgresql:postgresql:8.4.6", "cpe:/a:postgresql:postgresql:8.3.10", "cpe:/a:postgresql:postgresql:9.0", "cpe:/a:postgresql:postgresql:8.4.2", "cpe:/a:postgresql:postgresql:9.0.5", "cpe:/a:postgresql:postgresql:8.3.3", "cpe:/a:postgresql:postgresql:8.3.14", "cpe:/a:postgresql:postgresql:8.3.16", "cpe:/a:postgresql:postgresql:9.0.6", "cpe:/a:postgresql:postgresql:8.3.4", "cpe:/a:postgresql:postgresql:8.3.2", "cpe:/a:postgresql:postgresql:8.4", "cpe:/a:postgresql:postgresql:8.3.9", "cpe:/a:postgresql:postgresql:8.3.5", "cpe:/a:postgresql:postgresql:8.4.1", "cpe:/a:postgresql:postgresql:8.3.15"], "id": "CVE-2012-0868", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0868", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.17:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.16:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.15:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T00:24:49", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "It was discovered that PostgreSQL incorrectly checked permissions on \nfunctions called by a trigger. An attacker could attach a trigger to a \ntable they owned and possibly escalate privileges. (CVE-2012-0866)\n\nIt was discovered that PostgreSQL incorrectly truncated SSL certificate \nname checks to 32 characters. If a host name was exactly 32 characters, \nthis issue could be exploited by an attacker to spoof the SSL certificate. \nThis issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and \nUbuntu 11.10. (CVE-2012-0867)\n\nIt was discovered that the PostgreSQL pg_dump utility incorrectly filtered \nline breaks in object names. An attacker could create object names that \nexecute arbitrary SQL commands when a dump script is reloaded. \n(CVE-2012-0868)", "edition": 5, "modified": "2012-02-28T00:00:00", "published": "2012-02-28T00:00:00", "id": "USN-1378-1", "href": "https://ubuntu.com/security/notices/USN-1378-1", "title": "PostgreSQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-07-17T03:30:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0678\n\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the\nSQL script it produces. An unprivileged database user could create an\nobject whose name includes a newline followed by an SQL command. This SQL\ncommand might then be executed by a privileged user during later restore of\nthe backup dump, allowing privilege escalation. (CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked\nthe first 31 characters of the certificate's Common Name field. Depending\non the configuration, this could allow an attacker to impersonate a server\nor a client using a certificate from a trusted Certificate Authority issued\nfor a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to\nbe called. This could possibly allow an authenticated database user to\ncall a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes\nthese issues as well as several data-corruption issues and lesser\nnon-security issues. Refer to the PostgreSQL Release Notes for a full list\nof changes:\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it will\nbe automatically restarted after installing this update.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-May/030686.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-May/030688.html\n\n**Affected packages:**\npostgresql\npostgresql-contrib\npostgresql-devel\npostgresql-docs\npostgresql-libs\npostgresql-plperl\npostgresql-plpython\npostgresql-pltcl\npostgresql-server\npostgresql-test\npostgresql84\npostgresql84-contrib\npostgresql84-devel\npostgresql84-docs\npostgresql84-libs\npostgresql84-plperl\npostgresql84-plpython\npostgresql84-pltcl\npostgresql84-python\npostgresql84-server\npostgresql84-tcl\npostgresql84-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0678.html", "edition": 5, "modified": "2012-05-21T21:24:46", "published": "2012-05-21T16:41:51", "href": "http://lists.centos.org/pipermail/centos-announce/2012-May/030686.html", "id": "CESA-2012:0678", "title": "postgresql, postgresql84 security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:26:48", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0677\n\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the\nSQL script it produces. An unprivileged database user could create an\nobject whose name includes a newline followed by an SQL command. This SQL\ncommand might then be executed by a privileged user during later restore of\nthe backup dump, allowing privilege escalation. (CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to\nbe called. This could possibly allow an authenticated database user to\ncall a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the postgresql\nservice is running, it will be automatically restarted after installing\nthis update.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-May/030685.html\n\n**Affected packages:**\npostgresql\npostgresql-contrib\npostgresql-devel\npostgresql-docs\npostgresql-libs\npostgresql-pl\npostgresql-python\npostgresql-server\npostgresql-tcl\npostgresql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0677.html", "edition": 3, "modified": "2012-05-21T16:39:19", "published": "2012-05-21T16:39:19", "href": "http://lists.centos.org/pipermail/centos-announce/2012-May/030685.html", "id": "CESA-2012:0677", "title": "postgresql security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the\nSQL script it produces. An unprivileged database user could create an\nobject whose name includes a newline followed by an SQL command. This SQL\ncommand might then be executed by a privileged user during later restore of\nthe backup dump, allowing privilege escalation. (CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked\nthe first 31 characters of the certificate's Common Name field. Depending\non the configuration, this could allow an attacker to impersonate a server\nor a client using a certificate from a trusted Certificate Authority issued\nfor a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to\nbe called. This could possibly allow an authenticated database user to\ncall a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes\nthese issues as well as several data-corruption issues and lesser\nnon-security issues. Refer to the PostgreSQL Release Notes for a full list\nof changes:\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it will\nbe automatically restarted after installing this update.\n", "modified": "2018-06-06T20:24:28", "published": "2012-05-21T04:00:00", "id": "RHSA-2012:0678", "href": "https://access.redhat.com/errata/RHSA-2012:0678", "type": "redhat", "title": "(RHSA-2012:0678) Moderate: postgresql and postgresql84 security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the\nSQL script it produces. An unprivileged database user could create an\nobject whose name includes a newline followed by an SQL command. This SQL\ncommand might then be executed by a privileged user during later restore of\nthe backup dump, allowing privilege escalation. (CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to\nbe called. This could possibly allow an authenticated database user to\ncall a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the postgresql\nservice is running, it will be automatically restarted after installing\nthis update.\n", "modified": "2017-09-08T12:08:36", "published": "2012-05-21T04:00:00", "id": "RHSA-2012:0677", "href": "https://access.redhat.com/errata/RHSA-2012:0677", "type": "redhat", "title": "(RHSA-2012:0677) Moderate: postgresql security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "[8.4.11-1]\n- Update to PostgreSQL 8.4.11, for various fixes described at\n http://www.postgresql.org/docs/8.4/static/release-8-4-11.html\n http://www.postgresql.org/docs/8.4/static/release-8-4-10.html\n including the fixes for CVE-2012-0866, CVE-2012-0867, CVE-2012-0868\nResolves: #812081", "edition": 4, "modified": "2012-05-21T00:00:00", "published": "2012-05-21T00:00:00", "id": "ELSA-2012-0678", "href": "http://linux.oracle.com/errata/ELSA-2012-0678.html", "title": "postgresql and postgresql84 security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:37", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-2143", "CVE-2012-2655", "CVE-2012-0866", "CVE-2012-0868"], "description": "[8.4.12-1]\n- Update to PostgreSQL 8.4.12, for various fixes described at\n http://www.postgresql.org/docs/8.4/static/release-8-4-12.html\n including the fixes for CVE-2012-2143, CVE-2012-2655\nResolves: #830723\n[8.4.11-2]\n- Add patches for CVE-2012-2143, CVE-2012-2655\nResolves: #830723\n[8.4.11-1]\n- Update to PostgreSQL 8.4.11, for various fixes described at\n http://www.postgresql.org/docs/8.4/static/release-8-4-11.html\n http://www.postgresql.org/docs/8.4/static/release-8-4-10.html\n including the fixes for CVE-2012-0866, CVE-2012-0867, CVE-2012-0868\nResolves: #812077", "edition": 4, "modified": "2012-06-25T00:00:00", "published": "2012-06-25T00:00:00", "id": "ELSA-2012-1037", "href": "http://linux.oracle.com/errata/ELSA-2012-1037.html", "title": "postgresql and postgresql84 security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:19", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2483", "CVE-2012-0866", "CVE-2012-0868"], "description": "[8.1.23-4]\n- Back-port upstream fixes for CVE-2012-0866 and CVE-2012-0868\nResolves: #812070\n[8.1.23-3]\n- Back-port upstream fix for unregistering OpenSSL callbacks at close\nResolves: #728828\n[8.1.23-2]\n- Back-port upstream fix for CVE-2011-2483\nResolves: #740738", "edition": 4, "modified": "2012-05-21T00:00:00", "published": "2012-05-21T00:00:00", "id": "ELSA-2012-0677", "href": "http://linux.oracle.com/errata/ELSA-2012-0677.html", "title": "postgresql security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:026\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : postgresql\r\n Date : February 29, 2012\r\n Affected: 2010.1, 2011.\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been discovered and corrected in\r\n postgresql:\r\n \r\n Permissions on a function called by a trigger are not properly checked\r\n (CVE-2012-0866).\r\n \r\n SSL certificate name checks are truncated to 32 characters, allowing\r\n connection spoofing under some circumstances when using third party\r\n certificate authorities (CVE-2012-0867).\r\n \r\n Line breaks in object names can be exploited to execute arbitrary\r\n SQL when reloading a pg_dump file (CVE-2012-0868).\r\n \r\n This advisory provides the latest versions of PostgreSQL that is not\r\n vulnerable to these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868\r\n \r\n http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2010.1:\r\n 05a4013a0634df4e8cdf169a50c9ec58 2010.1/i586/libecpg8.4_6-8.4.11-0.1mdv2010.2.i586.rpm\r\n 401a0d6d8a713613bda5333ab2932e8e 2010.1/i586/libpq8.4_5-8.4.11-0.1mdv2010.2.i586.rpm\r\n 325fc7f1e8d9753e77ea94cb36a7d702 2010.1/i586/postgresql8.4-8.4.11-0.1mdv2010.2.i586.rpm\r\n 11f758553ba01d0c7cf14822b964d244 2010.1/i586/postgresql8.4-contrib-8.4.11-0.1mdv2010.2.i586.rpm\r\n a8511d0f4e723eeb69e34338b2a44f6e 2010.1/i586/postgresql8.4-devel-8.4.11-0.1mdv2010.2.i586.rpm\r\n 491480de895c21045ce61782b31686f4 2010.1/i586/postgresql8.4-docs-8.4.11-0.1mdv2010.2.i586.rpm\r\n 43a92413b230b92fc8fe366f8b77b252 2010.1/i586/postgresql8.4-pl-8.4.11-0.1mdv2010.2.i586.rpm\r\n c68d94e1ccf0fc291a77976280c7a5b1 2010.1/i586/postgresql8.4-plperl-8.4.11-0.1mdv2010.2.i586.rpm\r\n b176c3f91b3b3d0fd819db7aee7628a5 2010.1/i586/postgresql8.4-plpgsql-8.4.11-0.1mdv2010.2.i586.rpm\r\n 90b3f898d730ae27d8570f814c884361 2010.1/i586/postgresql8.4-plpython-8.4.11-0.1mdv2010.2.i586.rpm\r\n fdb261871120d1099872528990ac4ecb 2010.1/i586/postgresql8.4-pltcl-8.4.11-0.1mdv2010.2.i586.rpm\r\n 2bd80e158701b25d2f3191bd536a1680 2010.1/i586/postgresql8.4-server-8.4.11-0.1mdv2010.2.i586.rpm \r\n a1c05f1b89438e41b8dad632395f6e76 2010.1/SRPMS/postgresql8.4-8.4.11-0.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2010.1/X86_64:\r\n 8d00eac057a75900287ff76011d24a14 2010.1/x86_64/lib64ecpg8.4_6-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n 63d87909037917014ace4068c2fdf4ed 2010.1/x86_64/lib64pq8.4_5-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n b5e17b5ef713a8626034384f9b11f537 2010.1/x86_64/postgresql8.4-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n 377dc92be27f45e9a6205c6572a53a68 2010.1/x86_64/postgresql8.4-contrib-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n 4cc7fa9fb0f099b3f909f74810b3fcb6 2010.1/x86_64/postgresql8.4-devel-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n cfdc1cb65acc9764caee7537aa54de0f 2010.1/x86_64/postgresql8.4-docs-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n ee278d87463be450d3cb8359d4f436df 2010.1/x86_64/postgresql8.4-pl-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n c6ab8ff58b96bcb93f36d95aaaebd042 2010.1/x86_64/postgresql8.4-plperl-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n c203e3403876f4b2e6985686d59c2f51 2010.1/x86_64/postgresql8.4-plpgsql-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n 4ecfd5289218e1aa46786e698b0b1da1 2010.1/x86_64/postgresql8.4-plpython-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n a0b4adfe98a1165eec3810d1a770d79d 2010.1/x86_64/postgresql8.4-pltcl-8.4.11-0.1mdv2010.2.x86_64.rpm\r\n 6ebfada38479a846055c095604d3d45d 2010.1/x86_64/postgresql8.4-server-8.4.11-0.1mdv2010.2.x86_64.rpm \r\n a1c05f1b89438e41b8dad632395f6e76 2010.1/SRPMS/postgresql8.4-8.4.11-0.1mdv2010.2.src.rpm\r\n\r\n Mandriva Linux 2011:\r\n 25a1dd4d27d6bdc7289251ecb52f42d9 2011/i586/libecpg9.0_6-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 4da4a70b065506d61eb0b3fae7e9a564 2011/i586/libpq9.0_5-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 62aa0b5091ed185fbab1030acb7ba350 2011/i586/postgresql9.0-9.0.7-0.1-mdv2011.0.i586.rpm\r\n a0c7f18e7d3c5946431fd2244dad900c 2011/i586/postgresql9.0-contrib-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 858281c6438468c5c5ce9f3ed187ad35 2011/i586/postgresql9.0-devel-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 5c5a07c75d046bf7a56561ec8f670916 2011/i586/postgresql9.0-docs-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 99ed62f4866b74bb62372753568e1dca 2011/i586/postgresql9.0-pl-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 2837096731c5b7f0d96e207190200b28 2011/i586/postgresql9.0-plperl-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 121eb7ed014abdc70b3a9483cc228f2b 2011/i586/postgresql9.0-plpgsql-9.0.7-0.1-mdv2011.0.i586.rpm\r\n c8a81e4d97a70bcea2673cae904c2d7d 2011/i586/postgresql9.0-plpython-9.0.7-0.1-mdv2011.0.i586.rpm\r\n 1c350ae5ab7f3d5dabce891d297acda0 2011/i586/postgresql9.0-pltcl-9.0.7-0.1-mdv2011.0.i586.rpm\r\n ac89dd8500774df0e49626e63741429c 2011/i586/postgresql9.0-server-9.0.7-0.1-mdv2011.0.i586.rpm \r\n 2723eb57e9056fb5e3f76e2519b4fec7 2011/SRPMS/postgresql9.0-9.0.7-0.1.src.rpm\r\n\r\n Mandriva Linux 2011/X86_64:\r\n f6db63374053e409b305353151accd67 2011/x86_64/lib64ecpg9.0_6-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 96370fd95fc2c3bdbe3a9a6ae648db8b 2011/x86_64/lib64pq9.0_5-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 54380c9f81620f0a97733d1fa92667d5 2011/x86_64/postgresql9.0-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 6c6b399ade5b4afd6a2539c27a9a8af1 2011/x86_64/postgresql9.0-contrib-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 4eefae96bc5377d4032ddd61358f90b1 2011/x86_64/postgresql9.0-devel-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n baa973ebb01ff2fa9255ad434cd8e309 2011/x86_64/postgresql9.0-docs-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 5d3fcd9cf5f10032ffeb7278c9474b0f 2011/x86_64/postgresql9.0-pl-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 4d56f0d01bfb7c5b62928ea2c78a2391 2011/x86_64/postgresql9.0-plperl-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 2afb5526fb9eded60c8fca205de1d037 2011/x86_64/postgresql9.0-plpgsql-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 378f8a4c4f1a8ac291d05d8d00d94e65 2011/x86_64/postgresql9.0-plpython-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n e414f67368a7b600d491b753bde5a96a 2011/x86_64/postgresql9.0-pltcl-9.0.7-0.1-mdv2011.0.x86_64.rpm\r\n 3480e6f3303c4bd2f275afe0017a454d 2011/x86_64/postgresql9.0-server-9.0.7-0.1-mdv2011.0.x86_64.rpm \r\n 2723eb57e9056fb5e3f76e2519b4fec7 2011/SRPMS/postgresql9.0-9.0.7-0.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFPThgZmqjQ0CJFipgRAsbQAJ9gVWSHEr8OFkGbkxTWnLLCuK7HnwCgxnas\r\nbW8T0eHla0+VDyo5ZcKe2Ck=\r\n=5uc+\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-03-09T00:00:00", "published": "2012-03-09T00:00:00", "id": "SECURITYVULNS:DOC:27726", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27726", "title": "[ MDVSA-2012:026 ] postgresql", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0867", "CVE-2012-0866"], "description": "Triggers privilege escalation, pg_dump reloading SQL injection.", "edition": 1, "modified": "2012-03-09T00:00:00", "published": "2012-03-09T00:00:00", "id": "SECURITYVULNS:VULN:12234", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12234", "title": "PostgreSQL vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:52", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "\nThe PostgreSQL Global Development Group reports:\n\nThese vulnerabilities could allow users to define triggers that\n\t execute functions on which the user does not have EXECUTE\n\t permission, allow SSL certificate spoofing and allow line breaks\n\t in object names to be exploited to execute code when loading a\n\t pg_dump file.\n\n", "edition": 4, "modified": "2012-02-27T00:00:00", "published": "2012-02-27T00:00:00", "id": "174B8864-6237-11E1-BE18-14DAE938EC40", "href": "https://vuxml.freebsd.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html", "title": "databases/postgresql*-client -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:35:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "**Issue Overview:**\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. ([CVE-2012-0868 __](<https://access.redhat.com/security/cve/CVE-2012-0868>))\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. ([CVE-2012-0867 __](<https://access.redhat.com/security/cve/CVE-2012-0867>))\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing. ([CVE-2012-0866 __](<https://access.redhat.com/security/cve/CVE-2012-0866>))\n\n \n**Affected Packages:** \n\n\npostgresql8\n\n \n**Issue Correction:** \nRun _yum update postgresql8_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n postgresql8-libs-8.4.11-1.34.amzn1.i686 \n postgresql8-test-8.4.11-1.34.amzn1.i686 \n postgresql8-8.4.11-1.34.amzn1.i686 \n postgresql8-plperl-8.4.11-1.34.amzn1.i686 \n postgresql8-contrib-8.4.11-1.34.amzn1.i686 \n postgresql8-debuginfo-8.4.11-1.34.amzn1.i686 \n postgresql8-pltcl-8.4.11-1.34.amzn1.i686 \n postgresql8-plpython-8.4.11-1.34.amzn1.i686 \n postgresql8-docs-8.4.11-1.34.amzn1.i686 \n postgresql8-devel-8.4.11-1.34.amzn1.i686 \n postgresql8-server-8.4.11-1.34.amzn1.i686 \n \n src: \n postgresql8-8.4.11-1.34.amzn1.src \n \n x86_64: \n postgresql8-pltcl-8.4.11-1.34.amzn1.x86_64 \n postgresql8-debuginfo-8.4.11-1.34.amzn1.x86_64 \n postgresql8-plpython-8.4.11-1.34.amzn1.x86_64 \n postgresql8-docs-8.4.11-1.34.amzn1.x86_64 \n postgresql8-plperl-8.4.11-1.34.amzn1.x86_64 \n postgresql8-devel-8.4.11-1.34.amzn1.x86_64 \n postgresql8-libs-8.4.11-1.34.amzn1.x86_64 \n postgresql8-contrib-8.4.11-1.34.amzn1.x86_64 \n postgresql8-server-8.4.11-1.34.amzn1.x86_64 \n postgresql8-test-8.4.11-1.34.amzn1.x86_64 \n postgresql8-8.4.11-1.34.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-05-23T10:08:00", "published": "2012-05-23T10:08:00", "id": "ALAS-2012-082", "href": "https://alas.aws.amazon.com/ALAS-2012-82.html", "title": "Medium: postgresql8", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:28:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2418-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 27, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : postgresql-8.4\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0866 CVE-2012-0867 CVE-2012-0868\n\nSeveral local vulnerabilities have been discovered in PostgreSQL, an \nobject-relational SQL database. The Common Vulnerabilities and Exposures\nproject identifies the following problems:\n\nCVE-2012-0866\n\n It was discovered that the permissions of a function called by a \n trigger are not checked. This could result in privilege escalation.\n\nCVE-2012-0867\n\n It was discovered that only the first 32 characters of a host name \n are checked when validating host names through SSL certificates. \n This could result in spoofing the connection in limited \n circumstances.\n\nCVE-2012-0868\n\n It was discovered that pg_dump did not sanitise object names.\n This could result in arbitrary SQL command execution if a\n malformed dump file is opened. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.4.11-0squeeze1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 8.4.11-1.\n\nWe recommend that you upgrade your postgresql-8.4 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-02-27T18:00:20", "published": "2012-02-27T18:00:20", "id": "DEBIAN:DSA-2418-1:BCB26", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00046.html", "title": "[SECURITY] [DSA 2418-1] postgresql-8.4 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "modified": "2012-03-08T04:54:15", "published": "2012-03-08T04:54:15", "id": "FEDORA:4F98D20FC9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: postgresql-9.1.3-1.fc16", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "modified": "2012-03-08T04:01:20", "published": "2012-03-08T04:01:20", "id": "FEDORA:3EA7E20EC6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: postgresql-9.1.3-1.fc16", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "modified": "2012-03-06T20:40:53", "published": "2012-03-06T20:40:53", "id": "FEDORA:6E94E22587", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: postgresql-9.1.3-1.fc17", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, sub-selects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a local or remote Postgr eSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. ", "modified": "2012-03-08T04:51:57", "published": "2012-03-08T04:51:57", "id": "FEDORA:9A8E620A7B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: postgresql-9.0.7-1.fc15", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868", "CVE-2012-2143", "CVE-2012-2655"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "modified": "2012-06-15T12:21:20", "published": "2012-06-15T12:21:20", "id": "FEDORA:9467F210F8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: postgresql-9.1.4-1.fc16", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868", "CVE-2012-2143", "CVE-2012-2655"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, sub-selects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a local or remote Postgr eSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. ", "modified": "2012-06-15T12:29:05", "published": "2012-06-15T12:29:05", "id": "FEDORA:BAE1220E52", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: postgresql-9.0.8-1.fc15", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868", "CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "modified": "2012-08-26T00:21:52", "published": "2012-08-26T00:21:52", "id": "FEDORA:D603620A52", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: postgresql-9.1.5-1.fc16", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:27:43", "description": "Updated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.", "edition": 25, "published": "2012-05-22T00:00:00", "title": "CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:0678)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-05-22T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql84-contrib", "p-cpe:/a:centos:centos:postgresql84", "p-cpe:/a:centos:centos:postgresql84-libs", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql84-server", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql84-python", "p-cpe:/a:centos:centos:postgresql84-test", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql84-pltcl", "p-cpe:/a:centos:centos:postgresql84-plpython", "p-cpe:/a:centos:centos:postgresql84-tcl", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-plpython", "p-cpe:/a:centos:centos:postgresql84-docs", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql84-devel", "p-cpe:/a:centos:centos:postgresql84-plperl"], "id": "CENTOS_RHSA-2012-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/59214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0678 and \n# CentOS Errata and Security Advisory 2012:0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59214);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:0678)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018648.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fcf0109b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018650.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2e4df4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0868\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:53:35", "description": "Multiple vulnerabilities has been discovered and corrected in\npostgresql :\n\nPermissions on a function called by a trigger are not properly checked\n(CVE-2012-0866).\n\nSSL certificate name checks are truncated to 32 characters, allowing\nconnection spoofing under some circumstances when using third-party\ncertificate authorities (CVE-2012-0867).\n\nLine breaks in object names can be exploited to execute arbitrary SQL\nwhen reloading a pg_dump file (CVE-2012-0868).\n\nThis advisory provides the latest versions of PostgreSQL that is not\nvulnerable to these issues.", "edition": 24, "published": "2012-03-01T00:00:00", "title": "Mandriva Linux Security Advisory : postgresql (MDVSA-2012:026)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-03-01T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64pq8.4_5", "cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:postgresql8.4-devel", "p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql", "p-cpe:/a:mandriva:linux:postgresql8.4-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-server", "p-cpe:/a:mandriva:linux:postgresql9.0-server", "p-cpe:/a:mandriva:linux:postgresql8.4-plperl", "p-cpe:/a:mandriva:linux:postgresql8.4-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-plpython", "p-cpe:/a:mandriva:linux:libecpg9.0_6", "p-cpe:/a:mandriva:linux:lib64pq9.0_5", "p-cpe:/a:mandriva:linux:postgresql9.0-pl", "p-cpe:/a:mandriva:linux:postgresql9.0-plperl", "p-cpe:/a:mandriva:linux:postgresql9.0-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-pltcl", "p-cpe:/a:mandriva:linux:lib64ecpg9.0_6", "p-cpe:/a:mandriva:linux:libecpg8.4_6", "p-cpe:/a:mandriva:linux:postgresql8.4-plpython", "p-cpe:/a:mandriva:linux:postgresql9.0", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql", "p-cpe:/a:mandriva:linux:postgresql9.0-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-pltcl", "p-cpe:/a:mandriva:linux:libpq8.4_5", "p-cpe:/a:mandriva:linux:postgresql8.4", "p-cpe:/a:mandriva:linux:libpq9.0_5", "p-cpe:/a:mandriva:linux:postgresql8.4-pl", "p-cpe:/a:mandriva:linux:lib64ecpg8.4_6", "p-cpe:/a:mandriva:linux:postgresql9.0-devel"], "id": "MANDRIVA_MDVSA-2012-026.NASL", "href": "https://www.tenable.com/plugins/nessus/58177", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:026. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58177);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"MDVSA\", value:\"2012:026\");\n\n script_name(english:\"Mandriva Linux Security Advisory : postgresql (MDVSA-2012:026)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in\npostgresql :\n\nPermissions on a function called by a trigger are not properly checked\n(CVE-2012-0866).\n\nSSL certificate name checks are truncated to 32 characters, allowing\nconnection spoofing under some circumstances when using third-party\ncertificate authorities (CVE-2012-0867).\n\nLine breaks in object names can be exploited to execute arbitrary SQL\nwhen reloading a pg_dump file (CVE-2012-0868).\n\nThis advisory provides the latest versions of PostgreSQL that is not\nvulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64ecpg8.4_6-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pq8.4_5-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libecpg8.4_6-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpq8.4_5-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-contrib-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-devel-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-docs-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plperl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpgsql-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpython-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pltcl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-server-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ecpg9.0_6-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64pq9.0_5-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libecpg9.0_6-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpq9.0_5-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-contrib-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-devel-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-docs-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plperl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpgsql-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpython-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pltcl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-server-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:24", "description": "Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-03-08T00:00:00", "title": "Fedora 16 : postgresql-9.1.3-1.fc16 (2012-2591)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-03-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-2591.NASL", "href": "https://www.tenable.com/plugins/nessus/58282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-2591.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58282);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"FEDORA\", value:\"2012-2591\");\n\n script_name(english:\"Fedora 16 : postgresql-9.1.3-1.fc16 (2012-2591)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-7.html\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074713.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d2aebe8\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074724.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?088643c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"postgresql-9.1.3-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T07:14:50", "description": "It was discovered that PostgreSQL incorrectly checked permissions on\nfunctions called by a trigger. An attacker could attach a trigger to a\ntable they owned and possibly escalate privileges. (CVE-2012-0866)\n\nIt was discovered that PostgreSQL incorrectly truncated SSL\ncertificate name checks to 32 characters. If a host name was exactly\n32 characters, this issue could be exploited by an attacker to spoof\nthe SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu\n10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2012-0867)\n\nIt was discovered that the PostgreSQL pg_dump utility incorrectly\nfiltered line breaks in object names. An attacker could create object\nnames that execute arbitrary SQL commands when a dump script is\nreloaded. (CVE-2012-0868).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2012-02-29T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1378-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3", "p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4", "cpe:/o:canonical:ubuntu_linux:10.10"], "id": "UBUNTU_USN-1378-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58168", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1378-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58168);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"USN\", value:\"1378-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1378-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PostgreSQL incorrectly checked permissions on\nfunctions called by a trigger. An attacker could attach a trigger to a\ntable they owned and possibly escalate privileges. (CVE-2012-0866)\n\nIt was discovered that PostgreSQL incorrectly truncated SSL\ncertificate name checks to 32 characters. If a host name was exactly\n32 characters, this issue could be exploited by an attacker to spoof\nthe SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu\n10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2012-0867)\n\nIt was discovered that the PostgreSQL pg_dump utility incorrectly\nfiltered line breaks in object names. An attacker could create object\nnames that execute arbitrary SQL commands when a dump script is\nreloaded. (CVE-2012-0868).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1378-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected postgresql-8.3, postgresql-8.4 and / or\npostgresql-9.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"postgresql-8.3\", pkgver:\"8.3.18-0ubuntu0.8.04\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.10.04\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.10.10\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.11.04\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"postgresql-9.1\", pkgver:\"9.1.3-0ubuntu0.11.10\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-8.3 / postgresql-8.4 / postgresql-9.1\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T05:20:27", "description": "The version of PostgreSQL installed on the remote host is 8.4.x prior\nto 8.4.11, 9.0.x prior to 9.0.7, or 9.1.x prior to 9.1.3. It is,\ntherefore, potentially affected by multiple vulnerabilities :\n\n - Permissions on a function called by a trigger are not\n properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32\n characters, allowing connection spoofing under some\n circumstances when using third-party certificate\n authorities. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute\n arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)", "edition": 27, "cvss3": {"score": 6.3, "vector": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}, "published": "2012-12-28T00:00:00", "title": "PostgreSQL 8.4 < 8.4.11 / 9.0 < 9.0.7 / 9.1 < 9.1.3 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20120227.NASL", "href": "https://www.tenable.com/plugins/nessus/63352", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63352);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n\n script_name(english:\"PostgreSQL 8.4 < 8.4.11 / 9.0 < 9.0.7 / 9.1 < 9.1.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of PostgreSQL\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 8.4.x prior\nto 8.4.11, 9.0.x prior to 9.0.7, or 9.1.x prior to 9.1.3. It is,\ntherefore, potentially affected by multiple vulnerabilities :\n\n - Permissions on a function called by a trigger are not\n properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32\n characters, allowing connection spoofing under some\n circumstances when using third-party certificate\n authorities. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute\n arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/about/news/1377/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/8.4/release-8-4-11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to PostgreSQL 8.3.19 / 8.4.12 / 9.0.8 / 9.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"backport.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_service(svc:\"postgresql\", default:5432, exit_on_fail:TRUE);\n\nversion = get_kb_item_or_exit('database/'+port+'/postgresql/version');\nsource = get_kb_item_or_exit('database/'+port+'/postgresql/source');\ndatabase = get_kb_item('database/'+port+'/postgresql/database_name');\n\nget_backport_banner(banner:source);\nif (backported && report_paranoia < 2) audit(AUDIT_BACKPORT_SERVICE, port, 'PostgreSQL server');\n\nver = split(version, sep:'.');\nfor (i=0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n (ver[0] == 8 && ver[1] == 4 && ver[2] < 11) ||\n (ver[0] == 9 && ver[1] == 0 && ver[2] < 7) ||\n (ver[0] == 9 && ver[1] == 1 && ver[2] < 3)\n)\n{\n set_kb_item(name:\"www/\"+port+\"/SQLInjection\", value:TRUE);\n if (report_verbosity > 0)\n {\n report = '';\n if(database)\n report += '\\n Database name : ' + database ;\n report +=\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 8.4.11 / 9.0.7 / 9.1.3\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'PostgreSQL', port, version);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:46:36", "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.", "edition": 16, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-08-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-python", "p-cpe:/a:fermilab:scientific_linux:postgresql84-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql84-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql84-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-plperl", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql84", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-test", "p-cpe:/a:fermilab:scientific_linux:postgresql84-server"], "id": "SL_20120521_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61316);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1205&L=scientific-linux-errata&T=0&P=973\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d76d0787\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-debuginfo-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-debuginfo-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:46:56", "description": "From Red Hat Security Advisory 2012:0678 :\n\nUpdated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-0678)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:postgresql84-plpython", "p-cpe:/a:oracle:linux:postgresql84-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql84-devel", "p-cpe:/a:oracle:linux:postgresql84-tcl", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql84-pltcl", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql84-libs", "p-cpe:/a:oracle:linux:postgresql84-docs", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql84-contrib", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql84-server", "p-cpe:/a:oracle:linux:postgresql84-python", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql84-test", "p-cpe:/a:oracle:linux:postgresql84", "p-cpe:/a:oracle:linux:postgresql-libs"], "id": "ORACLELINUX_ELSA-2012-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/68529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0678 and \n# Oracle Linux Security Advisory ELSA-2012-0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68529);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-0678)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0678 :\n\nUpdated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002826.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002832.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:40:03", "description": "The PostgreSQL Global Development Group reports :\n\nThese vulnerabilities could allow users to define triggers that\nexecute functions on which the user does not have EXECUTE permission,\nallow SSL certificate spoofing and allow line breaks in object names\nto be exploited to execute code when loading a pg_dump file.", "edition": 22, "published": "2012-02-29T00:00:00", "title": "FreeBSD : databases/postgresql*-client -- multiple vulnerabilities (174b8864-6237-11e1-be18-14dae938ec40)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-02-29T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:postgresql-client"], "id": "FREEBSD_PKG_174B8864623711E1BE1814DAE938EC40.NASL", "href": "https://www.tenable.com/plugins/nessus/58162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58162);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"FreeBSD : databases/postgresql*-client -- multiple vulnerabilities (174b8864-6237-11e1-be18-14dae938ec40)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PostgreSQL Global Development Group reports :\n\nThese vulnerabilities could allow users to define triggers that\nexecute functions on which the user does not have EXECUTE permission,\nallow SSL certificate spoofing and allow line breaks in object names\nto be exploited to execute code when loading a pg_dump file.\"\n );\n # http://www.postgresql.org/about/news/1377/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1377/\"\n );\n # https://vuxml.freebsd.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?67570833\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client<8.3.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=8.4<8.4.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=9<9.0.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=9.1<9.1.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:25:30", "description": "Postgresql was updated to the security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for\n 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in\n SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump\n comments (CVE-2012-0868, bnc#749303).\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html\n /usr/share/doc/packages/postgresql/HISTORY\n\n - This also fixes bnc#701489.", "edition": 20, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-devel-32bit", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-contrib", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo"], "id": "OPENSUSE-2012-603.NASL", "href": "https://www.tenable.com/plugins/nessus/74756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-603.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74756);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)\");\n script_summary(english:\"Check for the openSUSE-2012-603 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Postgresql was updated to the security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for\n 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in\n SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump\n comments (CVE-2012-0868, bnc#749303).\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html\n /usr/share/doc/packages/postgresql/HISTORY\n\n - This also fixes bnc#701489.\"\n );\n # http://www.postgresql.org/docs/9.1/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701489\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debugsource-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-libs-debugsource-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-debuginfo-32bit-9.1.3-7.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:24", "description": "Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-03-07T00:00:00", "title": "Fedora 17 : postgresql-9.1.3-1.fc17 (2012-2508)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2012-03-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:postgresql"], "id": "FEDORA_2012-2508.NASL", "href": "https://www.tenable.com/plugins/nessus/58257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-2508.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58257);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"FEDORA\", value:\"2012-2508\");\n\n script_name(english:\"Fedora 17 : postgresql-9.1.3-1.fc17 (2012-2508)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-7.html\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074606.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cbad45ba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"postgresql-9.1.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-03-17T23:03:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120127", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-82)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120127\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:09 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-82)\");\n script_tag(name:\"insight\", value:\"The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. (CVE-2012-0868 )When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867 )CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing. (CVE-2012-0866 )\");\n script_tag(name:\"solution\", value:\"Run yum update postgresql8 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-82.html\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-libs\", rpm:\"postgresql8-libs~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-test\", rpm:\"postgresql8-test~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8\", rpm:\"postgresql8~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-plperl\", rpm:\"postgresql8-plperl~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-contrib\", rpm:\"postgresql8-contrib~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-debuginfo\", rpm:\"postgresql8-debuginfo~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-pltcl\", rpm:\"postgresql8-pltcl~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-plpython\", rpm:\"postgresql8-plpython~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-docs\", rpm:\"postgresql8-docs~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-devel\", rpm:\"postgresql8-devel~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql8-server\", rpm:\"postgresql8-server~8.4.11~1.34.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "Check for the Version of postgresql", "modified": "2018-01-02T00:00:00", "published": "2012-03-09T00:00:00", "id": "OPENVAS:863762", "href": "http://plugins.openvas.org/nasl.php?oid=863762", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2012-2589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for postgresql FEDORA-2012-2589\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced Object-Relational database management system\n (DBMS) that supports almost all SQL constructs (including\n transactions, sub-selects and user-defined types and functions). The\n postgresql package includes the client programs and libraries that\n you'll need to access a PostgreSQL DBMS server. These PostgreSQL\n client programs are programs that directly manipulate the internal\n structure of PostgreSQL databases on a PostgreSQL server. These client\n programs can be located on the same machine with the PostgreSQL\n server, or may be on a remote machine which accesses a PostgreSQL\n server over a network connection. This package contains the docs\n in HTML for the whole package, as well as command-line utilities for\n managing PostgreSQL databases on a PostgreSQL server.\n\n If you want to manipulate a PostgreSQL database on a local or remote PostgreSQL\n server, you need this package. You also need to install this package\n if you're installing the postgresql-server package.\";\n\ntag_affected = \"postgresql on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/074715.html\");\n script_id(863762);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-09 10:25:19 +0530 (Fri, 09 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name: \"FEDORA\", value: \"2012-2589\");\n script_name(\"Fedora Update for postgresql FEDORA-2012-2589\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.0.7~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-03-12T00:00:00", "id": "OPENVAS:136141256231071164", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071164", "type": "openvas", "title": "FreeBSD Ports: postgresql-client", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_postgresql-client0.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 174b8864-6237-11e1-be18-14dae938ec40\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71164\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:07 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"FreeBSD Ports: postgresql-client\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: postgresql-client\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/about/news/1377/\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"postgresql-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3.18\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.4\")>=0 && revcomp(a:bver, b:\"8.4.11\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9\")>=0 && revcomp(a:bver, b:\"9.0.7\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.1\")>=0 && revcomp(a:bver, b:\"9.1.3\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "Oracle Linux Local Security Checks ELSA-2012-0678", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123918", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123918", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0678.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123918\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:16 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0678\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0678 - postgresql and postgresql84 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0678\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0678.html\");\n script_cve_id(\"CVE-2012-0867\", \"CVE-2012-0866\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql84\", rpm:\"postgresql84~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-contrib\", rpm:\"postgresql84-contrib~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-devel\", rpm:\"postgresql84-devel~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-docs\", rpm:\"postgresql84-docs~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-libs\", rpm:\"postgresql84-libs~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-plperl\", rpm:\"postgresql84-plperl~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-plpython\", rpm:\"postgresql84-plpython~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-pltcl\", rpm:\"postgresql84-pltcl~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-python\", rpm:\"postgresql84-python~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-server\", rpm:\"postgresql84-server~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-tcl\", rpm:\"postgresql84-tcl~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql84-test\", rpm:\"postgresql84-test~8.4.11~1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.11~1.el6_2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-03-09T00:00:00", "id": "OPENVAS:1361412562310863762", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863762", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2012-2589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for postgresql FEDORA-2012-2589\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/074715.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863762\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-09 10:25:19 +0530 (Fri, 09 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name:\"FEDORA\", value:\"2012-2589\");\n script_name(\"Fedora Update for postgresql FEDORA-2012-2589\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.0.7~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1378-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840921", "type": "openvas", "title": "Ubuntu Update for postgresql-9.1 USN-1378-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1378_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for postgresql-9.1 USN-1378-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1378-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840921\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:04 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name:\"USN\", value:\"1378-1\");\n script_name(\"Ubuntu Update for postgresql-9.1 USN-1378-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1378-1\");\n script_tag(name:\"affected\", value:\"postgresql-9.1 on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that PostgreSQL incorrectly checked permissions on\n functions called by a trigger. An attacker could attach a trigger to a\n table they owned and possibly escalate privileges. (CVE-2012-0866)\n\n It was discovered that PostgreSQL incorrectly truncated SSL certificate\n name checks to 32 characters. If a host name was exactly 32 characters,\n this issue could be exploited by an attacker to spoof the SSL certificate.\n This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2012-0867)\n\n It was discovered that the PostgreSQL pg_dump utility incorrectly filtered\n line breaks in object names. An attacker could create object names that\n execute arbitrary SQL commands when a dump script is reloaded.\n (CVE-2012-0868)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.10.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.10.04\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.11.04\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.3\", ver:\"8.3.18-0ubuntu0.8.04\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:10:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-19T00:00:00", "published": "2012-03-12T00:00:00", "id": "OPENVAS:71164", "href": "http://plugins.openvas.org/nasl.php?oid=71164", "type": "openvas", "title": "FreeBSD Ports: postgresql-client", "sourceData": "#\n#VID 174b8864-6237-11e1-be18-14dae938ec40\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 174b8864-6237-11e1-be18-14dae938ec40\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: postgresql-client\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.postgresql.org/about/news/1377/\nhttp://www.vuxml.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71164);\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 5977 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:07 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"FreeBSD Ports: postgresql-client\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"postgresql-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3.18\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.4\")>=0 && revcomp(a:bver, b:\"8.4.11\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9\")>=0 && revcomp(a:bver, b:\"9.0.7\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.1\")>=0 && revcomp(a:bver, b:\"9.1.3\")<0) {\n txt += \"Package postgresql-client version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:06:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "Check for the Version of postgresql", "modified": "2018-01-10T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:864094", "href": "http://plugins.openvas.org/nasl.php?oid=864094", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2012-2591", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for postgresql FEDORA-2012-2591\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"postgresql on Fedora 16\";\ntag_insight = \"PostgreSQL is an advanced Object-Relational database management system (DBMS).\n The base postgresql package contains the client programs that you'll need to\n access a PostgreSQL DBMS server, as well as HTML documentation for the whole\n system. These client programs can be located on the same machine as the\n PostgreSQL server, or on a remote machine that accesses a PostgreSQL server\n over a network connection. The PostgreSQL server can be found in the\n postgresql-server sub-package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/074724.html\");\n script_id(864094);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:14:23 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name: \"FEDORA\", value: \"2012-2591\");\n script_name(\"Fedora Update for postgresql FEDORA-2012-2591\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.1.3~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:07:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "Check for the Version of postgresql84", "modified": "2018-01-05T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881186", "href": "http://plugins.openvas.org/nasl.php?oid=881186", "type": "openvas", "title": "CentOS Update for postgresql84 CESA-2012:0678 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql84 CESA-2012:0678 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n \n When configured to do SSL certificate verification, PostgreSQL only checked\n the first 31 characters of the certificate's Common Name field. Depending\n on the configuration, this could allow an attacker to impersonate a server\n or a client using a certificate from a trusted Certificate Authority issued\n for a different name. (CVE-2012-0867)\n \n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n \n These updated packages upgrade PostgreSQL to version 8.4.11, which fixes\n these issues as well as several data-corruption issues and lesser\n non-security issues. Refer to the PostgreSQL Release Notes for a full list\n of changes:\n \n <a rel= &qt nofollow &qt href= &qt http://www.postgresql.org/docs/8.4/static/release.html &qt >http://www.postgresql.org/docs/8.4/static/release.html</a>\n \n All PostgreSQL users are advised to upgrade to these updated packages,\n which correct these issues. If the postgresql service is running, it will\n be automatically restarted after installing this update.\";\n\ntag_affected = \"postgresql84 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-May/018648.html\");\n script_id(881186);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:37:03 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0678\");\n script_name(\"CentOS Update for postgresql84 CESA-2012:0678 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql84\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql84\", rpm:\"postgresql84~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-contrib\", rpm:\"postgresql84-contrib~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-devel\", rpm:\"postgresql84-devel~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-docs\", rpm:\"postgresql84-docs~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-libs\", rpm:\"postgresql84-libs~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-plperl\", rpm:\"postgresql84-plperl~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-plpython\", rpm:\"postgresql84-plpython~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-pltcl\", rpm:\"postgresql84-pltcl~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-python\", rpm:\"postgresql84-python~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-server\", rpm:\"postgresql84-server~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-tcl\", rpm:\"postgresql84-tcl~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-test\", rpm:\"postgresql84-test~8.4.11~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-05-22T00:00:00", "id": "OPENVAS:1361412562310870595", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870595", "type": "openvas", "title": "RedHat Update for postgresql and postgresql84 RHSA-2012:0678-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql and postgresql84 RHSA-2012:0678-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-May/msg00013.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870595\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12382 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:51:56 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-22 10:10:11 +0530 (Tue, 22 May 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name:\"RHSA\", value:\"2012:0678-01\");\n script_name(\"RedHat Update for postgresql and postgresql84 RHSA-2012:0678-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql and postgresql84'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"postgresql and postgresql84 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n\n When configured to do SSL certificate verification, PostgreSQL only checked\n the first 31 characters of the certificate's Common Name field. Depending\n on the configuration, this could allow an attacker to impersonate a server\n or a client using a certificate from a trusted Certificate Authority issued\n for a different name. (CVE-2012-0867)\n\n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n\n These updated packages upgrade PostgreSQL to version 8.4.11, which fixes\n these issues as well as several data-corruption issues and lesser\n non-security issues. Refer to the PostgreSQL Release Notes for a full list\n of changes.\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which correct these issues. If the postgresql service is running, it will\n be automatically restarted after installing this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/docs/8.4/static/release.html\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql84\", rpm:\"postgresql84~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-contrib\", rpm:\"postgresql84-contrib~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-debuginfo\", rpm:\"postgresql84-debuginfo~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-devel\", rpm:\"postgresql84-devel~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-docs\", rpm:\"postgresql84-docs~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-libs\", rpm:\"postgresql84-libs~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-plperl\", rpm:\"postgresql84-plperl~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-plpython\", rpm:\"postgresql84-plpython~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-pltcl\", rpm:\"postgresql84-pltcl~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-python\", rpm:\"postgresql84-python~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-server\", rpm:\"postgresql84-server~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-tcl\", rpm:\"postgresql84-tcl~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql84-test\", rpm:\"postgresql84-test~8.4.11~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:55:19", "description": "CVE-2012-0866\r\nCVE-2012-0867\r\nCVE-2012-0868\r\n\r\nPostgreSQL\u662f\u4e00\u6b3e\u5bf9\u8c61\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\uff0c\u652f\u6301\u6269\u5c55\u7684SQL\u6807\u51c6\u5b50\u96c6\r\n\r\nPostgreSQL\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u6076\u610f\u7528\u6237\u7ed5\u8fc7\u90e8\u5206\u5b89\u5168\u9650\u5236\uff0c\u8fdb\u884c\u4f2a\u9020\u653b\u51fb\u6216\u64cd\u4f5c\u67d0\u4e9b\u6570\u636e\r\n-\u5728\u89e6\u53d1\u51fd\u6570\u4e0a\u6ca1\u6709\u5bf9CREATE TRIGGER\u8fdb\u884c\u6b63\u786e\u7684\u6743\u9650\u68c0\u67e5\uff0c\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6807\u8bb0\u89e6\u53d1\u51fd\u6570\u4e3aSECURITY DEFINER\uff0c\u53ef\u6388\u6743EXECUTE\u6743\u9650\r\n-\u5728\u6821\u9a8cSSL\u8bc1\u4e66\u7684\u516c\u7528\u540d\u65f6\u4e0d\u6b63\u786e\u628a\u540d\u79f0\u622a\u65ad\u4e3a32\u4e2a\u5b57\u7b26\uff0c\u53ef\u5bfc\u81f4\u4e0d\u6b63\u786e\u6821\u9a8c\u4f2a\u9020\u8bc1\u4e66\r\n-\u5f53\u5411\u8bc4\u6ce8\u6ce8\u5165\u5bf9\u8c61\u540d\u65f6pg_dump\u5b58\u5728\u8f93\u5165\u8fc7\u6ee4\u9519\u8bef\uff0c\u53ef\u88ab\u5229\u7528\u901a\u8fc7\u6362\u884c\u5b57\u7b26\u8f6c\u4e49\u8bc4\u6ce8\uff0c\u5411DUMP\u811a\u672c\u6ce8\u5165SQL\u547d\u4ee4\n0\nPostgreSQL 8.x\r\nPostgreSQL 9.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\nPostgreSQL\r\n-----\r\nPostgreSQL 9.1.3, 9.0.7, 8.4.11\u62168.3.18\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.postgresql.org/", "published": "2012-02-29T00:00:00", "type": "seebug", "title": "PostgreSQL 8.x/9.x \u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2012-02-29T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-30152", "id": "SSV:30152", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "postgresql": [{"lastseen": "2020-12-24T14:27:32", "bulletinFamily": "software", "cvelist": ["CVE-2012-0866"], "description": "Permissions on a function called by a trigger are not properly checked.", "edition": 3, "modified": "2012-07-18T23:55:00", "published": "2012-07-18T23:55:00", "href": "https://www.postgresql.org/support/security/9.1/", "id": "POSTGRESQL:CVE-2012-0866", "type": "postgresql", "title": "Vulnerability in core server (CVE-2012-0866)", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T14:27:32", "bulletinFamily": "software", "cvelist": ["CVE-2012-0867"], "description": "SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities.", "edition": 3, "modified": "2012-07-18T23:55:00", "published": "2012-07-18T23:55:00", "href": "https://www.postgresql.org/support/security/9.1/", "id": "POSTGRESQL:CVE-2012-0867", "type": "postgresql", "title": "Vulnerability in core server (CVE-2012-0867)", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-24T14:27:32", "bulletinFamily": "software", "cvelist": ["CVE-2012-0868"], "description": "Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file.", "edition": 3, "modified": "2012-07-18T23:55:00", "published": "2012-07-18T23:55:00", "href": "https://www.postgresql.org/support/security/9.1/", "id": "POSTGRESQL:CVE-2012-0868", "type": "postgresql", "title": "Vulnerability in core server (CVE-2012-0868)", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:54", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0867", "CVE-2012-3489", "CVE-2012-2143", "CVE-2012-3488", "CVE-2012-2655", "CVE-2012-0866", "CVE-2012-0868"], "description": "### Background\n\nPostgreSQL is an open source object-relational database management system. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could spoof SSL connections. Furthermore, a remote authenticated attacker could cause a Denial of Service, read and write arbitrary files, inject SQL commands into dump scripts, or bypass database restrictions to execute database functions. \n\nA context-dependent attacker could more easily obtain access via authentication attempts with an initial substring of the intended password. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PostgreSQL 9.1 server users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-server-9.1.5\"\n \n\nAll PostgreSQL 9.0 server users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-server-9.0.9\"\n \n\nAll PostgreSQL 8.4 server users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-server-8.4.13\"\n \n\nAll PostgreSQL 8.3 server users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-server-8.3.20\"", "edition": 1, "modified": "2014-01-20T00:00:00", "published": "2012-09-28T00:00:00", "id": "GLSA-201209-24", "href": "https://security.gentoo.org/glsa/201209-24", "type": "gentoo", "title": "PostgreSQL: Multiple vulnerabilities", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}