{"id": "OPENVAS:1361412562310851808", "type": "openvas", "bulletinFamily": "scanner", "title": "openSUSE: Security Advisory for postgresql95 (openSUSE-SU-2018:1900-1)", "description": "The remote host is missing an update for the ", "published": "2018-07-06T00:00:00", "modified": "2020-06-03T00:00:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851808", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["2018:1900-1", "https://www.postgresql.org/docs/9.5/static/release-9-5-13.html", "https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00004.html"], "cvelist": ["CVE-2018-1115"], "lastseen": "2020-06-04T16:41:49", "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["1439985FB2BBD6F818D68C0558B49CBF", "5DD94B5885CE9E10B1AB50DB58BF4495", "6534D818C5F5A107890D02B31E442296", "7B02354C0BC6D76C3892BF9DF91A7B2C", "8DA449A8BBEDF97F8E87B61EC6E9A58E", "AA8ACE971A07DD6AF2FE7B20E5FEC4D1", "B4D0A4D27A15718EF93F1B5E22394CE9", "EAD4050F7D8442CA4AC68B5BD083F89C"]}, {"type": "amazon", "idList": ["ALAS-2018-1119"]}, {"type": "cve", "idList": ["CVE-2018-1115"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1115"]}, {"type": "fedora", "idList": ["FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:7FADD604D40F"]}, {"type": "gentoo", "idList": ["GLSA-201810-08"]}, {"type": "kaspersky", "idList": ["KLA11263"]}, {"type": "mageia", "idList": ["MGASA-2018-0446"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1119.NASL", "EULEROS_SA-2020-1876.NASL", "FEDORA_2018-08550A9006.NASL", "FEDORA_2018-937C789F2A.NASL", "FEDORA_2018-BD6F9237B5.NASL", "GENTOO_GLSA-201810-08.NASL", "OPENSUSE-2018-638.NASL", "OPENSUSE-2018-696.NASL", "OPENSUSE-2018-955.NASL", "OPENSUSE-2019-659.NASL", "OPENSUSE-2020-1227.NASL", "POSTGRESQL_20181115.NASL", "SUSE_SU-2018-1695-1.NASL", "SUSE_SU-2018-2564-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141083", "OPENVAS:1361412562310141084", "OPENVAS:1361412562310851787", "OPENVAS:1361412562310851957", "OPENVAS:1361412562310874475", "OPENVAS:1361412562310874590", "OPENVAS:1361412562310874591"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2018-1115"]}, {"type": "redhat", "idList": ["RHSA-2018:2565", "RHSA-2018:2566"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1115"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1709-1", "OPENSUSE-SU-2018:1900-1", "OPENSUSE-SU-2018:2599-1", "OPENSUSE-SU-2020:1227-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1115"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1119"]}, {"type": "cve", "idList": ["CVE-2018-1115"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1115"]}, {"type": "fedora", "idList": ["FEDORA:1EF0760608FF", "FEDORA:44D0E60603F2", "FEDORA:7FADD604D40F"]}, {"type": "gentoo", "idList": ["GLSA-201810-08"]}, {"type": "kaspersky", "idList": ["KLA11263"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1119.NASL", "FEDORA_2018-937C789F2A.NASL", "FEDORA_2018-BD6F9237B5.NASL", "GENTOO_GLSA-201810-08.NASL", "OPENSUSE-2018-638.NASL", "POSTGRESQL_20181115.NASL", "SUSE_SU-2018-1695-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141083", "OPENVAS:1361412562310141084", "OPENVAS:1361412562310851787", "OPENVAS:1361412562310851957", "OPENVAS:1361412562310874475", "OPENVAS:1361412562310874590", "OPENVAS:1361412562310874591"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2018-1115"]}, {"type": "redhat", "idList": ["RHSA-2018:2565", "RHSA-2018:2566"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1115"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1709-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1115"]}]}, "exploitation": null, "vulnersScore": 0.0}, "pluginID": "1361412562310851808", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851808\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-06 05:50:39 +0200 (Fri, 06 Jul 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for postgresql95 (openSUSE-SU-2018:1900-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql95'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql95 fixes the following issues:\n\n - Update to PostgreSQL 9.5.13.\n\n A dump/restore is not required for those running 9.5.X. However, if the\n function marking mistakes mentioned belowpg_logfile_rotate affect you,\n you will want to take steps to correct your database catalogs.\n\n The functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema should be marked\n volatile because they execute user-supplied queries that might contain\n volatile operations. They were not, leading to a risk of incorrect query\n optimization. This has been repaired for new installations by correcting\n the initial catalog data, but existing installations will continue to\n contain the incorrect markings. Practical use of these functions seems to\n pose little hazard, but in case of trouble, it can be fixed by manually\n updating these functions' pg_proc entries, for example: ALTER FUNCTION\n pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE. (Note that\n that will need to be done in each database of the installation.) Another\n option is to pg_upgrade the database to a version containing the corrected\n initial data.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-696=1\");\n\n script_tag(name:\"affected\", value:\"postgresql95 on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1900-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-07/msg00004.html\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95\", rpm:\"postgresql95~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-contrib\", rpm:\"postgresql95-contrib~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-contrib-debuginfo\", rpm:\"postgresql95-contrib-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-debuginfo\", rpm:\"postgresql95-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-debugsource\", rpm:\"postgresql95-debugsource~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-devel\", rpm:\"postgresql95-devel~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-devel-debuginfo\", rpm:\"postgresql95-devel-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-libs-debugsource\", rpm:\"postgresql95-libs-debugsource~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plperl\", rpm:\"postgresql95-plperl~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plperl-debuginfo\", rpm:\"postgresql95-plperl-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plpython\", rpm:\"postgresql95-plpython~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-plpython-debuginfo\", rpm:\"postgresql95-plpython-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-pltcl\", rpm:\"postgresql95-pltcl~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-pltcl-debuginfo\", rpm:\"postgresql95-pltcl-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-server\", rpm:\"postgresql95-server~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-server-debuginfo\", rpm:\"postgresql95-server-debuginfo~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-test\", rpm:\"postgresql95-test~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql95-docs\", rpm:\"postgresql95-docs~9.5.13~2.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "SuSE Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659998956, "score": 1659979568}, "_internal": {"score_hash": "5c95a228d7842a0ec99f5f190f66c352"}}
{"nessus": [{"lastseen": "2022-04-12T16:44:10", "description": "The version of PostgreSQL installed on the remote host is 9.3.x prior to 9.3.23, 9.4.x prior to 9.4.18, 9.5.x prior to 9.5.13, or 9.6.x prior to 9.6.9, or 10.3.x. As such, it is potentially affected by Insecure ACL Remote Issue", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-01T00:00:00", "type": "nessus", "title": "PostgreSQL 9.3 < 9.3.23 / 9.4 < 9.4.18 / 9.5 < 9.5.13 / 9.6 < 9.6.9 / 10.3 Insecure ACL Remote Issue", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20181115.NASL", "href": "https://www.tenable.com/plugins/nessus/110288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110288);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_bugtraq_id(104285);\n\n script_name(english:\"PostgreSQL 9.3 < 9.3.23 / 9.4 < 9.4.18 / 9.5 < 9.5.13 / 9.6 < 9.6.9 / 10.3 Insecure ACL Remote Issue\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.3.x prior\nto 9.3.23, 9.4.x prior to 9.4.18, 9.5.x prior to 9.5.13, or 9.6.x\nprior to 9.6.9, or 10.3.x. As such, it is potentially affected by \nInsecure ACL Remote Issue\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1851/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.us-cert.gov/ncas/bulletins/SB18-134\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 9.3.23 / 9.4.18 / 9.5.13 / 9.6.9 / 10.4 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgres_installed_windows.nbin\", \"postgres_installed_nix.nbin\", \"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432, \"installed_sw/PostgreSQL\");\n\n exit(0);\n}\n\ninclude('vcf_extras_postgresql.inc');\n\nvar app = 'PostgreSQL';\nvar win_local = TRUE;\n\nif (!get_kb_item('SMB/Registry/Enumerated'))\n win_local = FALSE;\n\nvar port = get_service(svc:'postgresql', default:5432);\nvar kb_base = 'database/' + port + '/postgresql/';\nvar kb_ver = NULL;\nvar kb_path = kb_base + 'version';\nvar ver = get_kb_item(kb_path);\nif (!empty_or_null(ver)) kb_ver = kb_path;\n\napp_info = vcf::postgresql::get_app_info(app:app, port:port, kb_ver:kb_ver, kb_base:kb_base, win_local:win_local);\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nvar constraints = [\n { 'min_version' : '9', 'fixed_version' : '9.3.23' },\n { 'min_version' : '9.4', 'fixed_version' : '9.4.18' },\n { 'min_version' : '9.5', 'fixed_version' : '9.5.13' },\n { 'min_version' : '9.6', 'fixed_version' : '9.6.9' },\n { 'min_version' : '10', 'fixed_version' : '10.3' }\n];\n\n\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:13:02", "description": "According to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.(CVE-2018-1115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-1876)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:postgresql", "p-cpe:/a:huawei:euleros:postgresql-contrib", "p-cpe:/a:huawei:euleros:postgresql-devel", "p-cpe:/a:huawei:euleros:postgresql-docs", "p-cpe:/a:huawei:euleros:postgresql-libs", "p-cpe:/a:huawei:euleros:postgresql-plperl", "p-cpe:/a:huawei:euleros:postgresql-plpython", "p-cpe:/a:huawei:euleros:postgresql-pltcl", "p-cpe:/a:huawei:euleros:postgresql-server", "p-cpe:/a:huawei:euleros:postgresql-test", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1876.NASL", "href": "https://www.tenable.com/plugins/nessus/139979", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139979);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-1115\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : postgresql (EulerOS-SA-2020-1876)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the postgresql packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - postgresql before versions 10.4, 9.6.9 is vulnerable in\n the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow\n the same ACLs than pg_rorate_logfile. If the adminpack\n is added to a database, an attacker able to connect to\n it could exploit this to force log\n rotation.(CVE-2018-1115)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1876\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?52958754\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected postgresql package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"postgresql-10.5-3.h8.eulerosv2r8\",\n \"postgresql-contrib-10.5-3.h8.eulerosv2r8\",\n \"postgresql-devel-10.5-3.h8.eulerosv2r8\",\n \"postgresql-docs-10.5-3.h8.eulerosv2r8\",\n \"postgresql-libs-10.5-3.h8.eulerosv2r8\",\n \"postgresql-plperl-10.5-3.h8.eulerosv2r8\",\n \"postgresql-plpython-10.5-3.h8.eulerosv2r8\",\n \"postgresql-pltcl-10.5-3.h8.eulerosv2r8\",\n \"postgresql-server-10.5-3.h8.eulerosv2r8\",\n \"postgresql-test-10.5-3.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:40", "description": "This update for postgresql95 fixes the following issues :\n\n - Update to PostgreSQL 9.5.13 :\n\n - https://www.postgresql.org/docs/9.5/static/release-9-5-13.html A dump/restore is not required for those running 9.5.X.\nHowever, if the function marking mistakes mentioned belowpg_logfile_rotate affect you, you will want to take steps to correct your database catalogs.\nThe functions query_to_xml, cursor_to_xml, cursor_to_xmlschema, query_to_xmlschema, and query_to_xml_and_xmlschema should be marked volatile because they execute user-supplied queries that might contain volatile operations. They were not, leading to a risk of incorrect query optimization. This has been repaired for new installations by correcting the initial catalog data, but existing installations will continue to contain the incorrect markings. Practical use of these functions seems to pose little hazard, but in case of trouble, it can be fixed by manually updating these functions' pg_proc entries, for example: ALTER FUNCTION pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE.\n (Note that that will need to be done in each database of the installation.) Another option is to pg_upgrade the database to a version containing the corrected initial data.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-07-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql95 (openSUSE-2018-696)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:postgresql95", "p-cpe:/a:novell:opensuse:postgresql95-contrib", "p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-debugsource", "p-cpe:/a:novell:opensuse:postgresql95-devel", "p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql95-plperl", "p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-plpython", "p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-pltcl", "p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-server", "p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql95-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-696.NASL", "href": "https://www.tenable.com/plugins/nessus/110955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-696.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110955);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql95 (openSUSE-2018-696)\");\n script_summary(english:\"Check for the openSUSE-2018-696 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql95 fixes the following issues :\n\n - Update to PostgreSQL 9.5.13 :\n\n - https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\nA dump/restore is not required for those running 9.5.X.\nHowever, if the function marking mistakes mentioned belowpg_logfile_rotate\naffect you, you will want to take steps to correct your\ndatabase catalogs.\nThe functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\nquery_to_xmlschema, and query_to_xml_and_xmlschema should be\nmarked volatile because they execute user-supplied queries\nthat might contain volatile operations. They were not,\nleading to a risk of incorrect query optimization. This has\nbeen repaired for new installations by correcting the initial\ncatalog data, but existing installations will continue to\ncontain the incorrect markings. Practical use of these\nfunctions seems to pose little hazard, but in case of trouble,\nit can be fixed by manually updating these functions' pg_proc\nentries, for example: ALTER FUNCTION\npg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE.\n (Note that that will need to be done in each database of the\ninstallation.) Another option is to pg_upgrade the database to\na version containing the corrected initial data.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n # https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.5/release-9-5-13.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql95 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql95-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-contrib-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-contrib-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-debugsource-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-devel-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-devel-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-libs-debugsource-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plperl-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plperl-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plpython-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-plpython-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-pltcl-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-pltcl-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-server-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-server-debuginfo-9.5.13-2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql95-test-9.5.13-2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql95-devel / postgresql95-devel-debuginfo / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:06", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues :\n\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\n\n A dump/restore is not required for those running 9.6.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql96 (openSUSE-2018-638)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql96", "p-cpe:/a:novell:opensuse:postgresql96-contrib", "p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-devel", "p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-plperl", "p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plpython", "p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-pltcl", "p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-server", "p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-test", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-638.NASL", "href": "https://www.tenable.com/plugins/nessus/110588", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-638.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110588);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql96 (openSUSE-2018-638)\");\n script_summary(english:\"Check for the openSUSE-2018-638 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues :\n\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\n\n A dump/restore is not required for those running 9.6.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql96 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libecpg6-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libecpg6-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpq5-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libpq5-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-contrib-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-debugsource-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-devel-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-libs-debugsource-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plperl-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-plpython-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-pltcl-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-server-debuginfo-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"postgresql96-test-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libecpg6-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.6.9-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.6.9-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecpg6-32bit / libecpg6 / libecpg6-debuginfo-32bit / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:31", "description": "update to 9.6.9 per release notes https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-05-23T00:00:00", "type": "nessus", "title": "Fedora 26 : postgresql (2018-bd6f9237b5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-BD6F9237B5.NASL", "href": "https://www.tenable.com/plugins/nessus/109972", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-bd6f9237b5.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109972);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-bd6f9237b5\");\n\n script_name(english:\"Fedora 26 : postgresql (2018-bd6f9237b5)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 9.6.9 per release notes\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-bd6f9237b5\"\n );\n # https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"postgresql-9.6.9-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:32:21", "description": "update to 9.6.9 per release notes:\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-05-23T00:00:00", "type": "nessus", "title": "Fedora 27 : postgresql (2018-937c789f2a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-937C789F2A.NASL", "href": "https://www.tenable.com/plugins/nessus/109971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-937c789f2a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109971);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-937c789f2a\");\n\n script_name(english:\"Fedora 27 : postgresql (2018-937c789f2a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 9.6.9 per release notes:\nhttps://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-937c789f2a\"\n );\n # https://www.postgresql.org/docs/9.6/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"postgresql-9.6.9-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:57", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed. (bsc#1091610)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-06-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:1695-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96", "p-cpe:/a:novell:suse_linux:postgresql96-contrib", "p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql96-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource", "p-cpe:/a:novell:suse_linux:postgresql96-server", "p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1695-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110548", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1695-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110548);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:1695-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\nRelease notes :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-9-6-9.html\nA dump/restore is not required for those running 9.6.X. However, if you\nuse the adminpack extension, you should update it as per the first\nchangelog entry below. Also, if the function marking mistakes mentioned in\nthe second and third changelog entries below affect you, you will want to\ntake steps to correct your database catalogs.\nSecurity issue fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1115/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181695-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3df3eceb\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-1138=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-1138=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-1138=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libecpg6-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libecpg6-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-debuginfo-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpq5-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-contrib-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-libs-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"postgresql96-server-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libecpg6-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debuginfo-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-debugsource-9.6.9-3.19.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql96-libs-debugsource-9.6.9-3.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:04", "description": "update to 10.4 per release notes:\nhttps://www.postgresql.org/docs/10/static/release-10-4.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : postgresql (2018-08550a9006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-08550A9006.NASL", "href": "https://www.tenable.com/plugins/nessus/120220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-08550a9006.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120220);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-1115\");\n script_xref(name:\"FEDORA\", value:\"2018-08550a9006\");\n\n script_name(english:\"Fedora 28 : postgresql (2018-08550a9006)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 10.4 per release notes:\nhttps://www.postgresql.org/docs/10/static/release-10-4.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-08550a9006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/static/release-10-4.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"postgresql-10.4-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:12:29", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-10-5.html\n\nA dump/restore is not required for those running 10.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed: CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue.\nAfter installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\nCVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2018:2564-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libecpg6", "p-cpe:/a:novell:suse_linux:libecpg6-debuginfo", "p-cpe:/a:novell:suse_linux:libpq5", "p-cpe:/a:novell:suse_linux:libpq5-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10", "p-cpe:/a:novell:suse_linux:postgresql10-contrib", "p-cpe:/a:novell:suse_linux:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-debugsource", "p-cpe:/a:novell:suse_linux:postgresql10-devel", "p-cpe:/a:novell:suse_linux:postgresql10-devel-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-plperl", "p-cpe:/a:novell:suse_linux:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-plpython", "p-cpe:/a:novell:suse_linux:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-pltcl", "p-cpe:/a:novell:suse_linux:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:suse_linux:postgresql10-server", "p-cpe:/a:novell:suse_linux:postgresql10-server-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-2564-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120090", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2564-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120090);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : postgresql10 (SUSE-SU-2018:2564-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\nhttps://www.postgresql.org/about/news/1851/\n\nhttps://www.postgresql.org/docs/current/static/release-10-5.html\n\nA dump/restore is not required for those running 10.X. However, if you\nuse the adminpack extension, you should update it as per the first\nchangelog entry below. Also, if the function marking mistakes\nmentioned in the second and third changelog entries below affect you,\nyou will want to take steps to correct your database catalogs.\n\nSecurity issues fixed: CVE-2018-1115: Remove public execute privilege\nfrom contrib/adminpack's pg_logfile_rotate() function\npg_logfile_rotate() is a deprecated wrapper for the core function\npg_rotate_logfile(). When that function was changed to rely on SQL\nprivileges for access control rather than a hard-coded superuser\ncheck, pg_logfile_rotate() should have been updated as well, but the\nneed for this was missed. Hence, if adminpack is installed, any user\ncould request a logfile rotation, creating a minor security issue.\nAfter installing this update, administrators should update adminpack\nby performing ALTER EXTENSION adminpack UPDATE in each database in\nwhich adminpack is installed (bsc#1091610).\n\nCVE-2018-10915: libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq was used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could have bypassed client-side connection security\nfeatures, obtain access to higher privileged connections or\npotentially cause other impact SQL injection, by causing the\nPQescape() functions to malfunction (bsc#1104199)\n\nCVE-2018-10925: Add missing authorization check on certain statements\ninvolved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n'CREATE TABLE' privileges could have exploited this to read arbitrary\nbytes server memory. If the attacker also had certain 'INSERT' and\nlimited 'UPDATE' privileges to a particular table, they could have\nexploited this to update other columns in the same table\n(bsc#1104202).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10925/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1115/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182564-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4549d076\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2018-1799=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-1799=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libecpg6-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libecpg6-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpq5-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpq5-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-contrib-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-contrib-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-debugsource-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-devel-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-devel-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plperl-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plperl-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plpython-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-plpython-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-pltcl-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-pltcl-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-server-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"postgresql10-server-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpq5-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpq5-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-debuginfo-10.5-4.5.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"postgresql10-debugsource-10.5-4.5.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/SQLi', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:54:22", "description": "The remote host is affected by the vulnerability described in GLSA-201810-08 (PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details.\n In addition it was discovered that Gentoo’s PostgreSQL installation suffered from a privilege escalation vulnerability due to a runscript which called OpenRC’s checkpath() on a user controlled path and allowed user running PostgreSQL to kill arbitrary processes via PID file manipulation.\n Impact :\n\n A remote attacker could bypass certain client-side connection security features, read arbitrary server memory or alter certain data.\n In addition, a local attacker could gain privileges or cause a Denial of Service condition by killing arbitrary processes.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-10-31T00:00:00", "type": "nessus", "title": "GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2022-01-31T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:postgresql", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201810-08.NASL", "href": "https://www.tenable.com/plugins/nessus/118508", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201810-08.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118508);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/31\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_xref(name:\"GLSA\", value:\"201810-08\");\n\n script_name(english:\"GLSA-201810-08 : PostgreSQL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201810-08\n(PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please\n review the referenced CVE identifiers for details.\n In addition it was discovered that Gentoo’s PostgreSQL installation\n suffered from a privilege escalation vulnerability due to a runscript\n which called OpenRC’s checkpath() on a user controlled path and allowed\n user running PostgreSQL to kill arbitrary processes via PID file\n manipulation.\n \nImpact :\n\n A remote attacker could bypass certain client-side connection security\n features, read arbitrary server memory or alter certain data.\n In addition, a local attacker could gain privileges or cause a Denial of\n Service condition by killing arbitrary processes.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201810-08\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All PostgreSQL users up to 9.3 should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.3.24:9.3'\n All PostgreSQL 9.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.4.19:9.4'\n All PostgreSQL 9.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.5.14:9.5'\n All PostgreSQL 9.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-9.6.10:9.6'\n All PostgreSQL 10 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-10.5:10'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1115\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/postgresql\", unaffected:make_list(\"ge 9.3.24\", \"ge 9.4.19\", \"ge 9.5.14\", \"ge 9.6.10\", \"ge 10.5\"), vulnerable:make_list(\"lt 10.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PostgreSQL\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:52:44", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-09-04T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql10 (openSUSE-2018-955)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-955.NASL", "href": "https://www.tenable.com/plugins/nessus/112269", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-955.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(112269);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql10 (openSUSE-2018-955)\");\n script_summary(english:\"Check for the openSUSE-2018-955 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on\n certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'. An attacker with 'CREATE TABLE' privileges\n could have exploited this to read arbitrary bytes server\n memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they\n could have exploited this to update other columns in the\n same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debugsource-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-test-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10 / postgresql10-contrib / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T16:01:30", "description": "A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.(CVE-2018-1115 )", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2018-12-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql96 (ALAS-2018-1119)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2020-06-09T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql96", "p-cpe:/a:amazon:linux:postgresql96-contrib", "p-cpe:/a:amazon:linux:postgresql96-debuginfo", "p-cpe:/a:amazon:linux:postgresql96-devel", "p-cpe:/a:amazon:linux:postgresql96-docs", "p-cpe:/a:amazon:linux:postgresql96-libs", "p-cpe:/a:amazon:linux:postgresql96-plperl", "p-cpe:/a:amazon:linux:postgresql96-plpython26", "p-cpe:/a:amazon:linux:postgresql96-plpython27", "p-cpe:/a:amazon:linux:postgresql96-server", "p-cpe:/a:amazon:linux:postgresql96-static", "p-cpe:/a:amazon:linux:postgresql96-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1119.NASL", "href": "https://www.tenable.com/plugins/nessus/119478", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1119.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119478);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/09\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_xref(name:\"ALAS\", value:\"2018-1119\");\n\n script_name(english:\"Amazon Linux AMI : postgresql96 (ALAS-2018-1119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A vulnerability was found in libpq, the default PostgreSQL client\nlibrary where libpq failed to properly reset its internal state\nbetween connections. If an affected version of libpq were used with\n'host' or 'hostaddr' connection parameters from untrusted input,\nattackers could bypass client-side connection security features,\nobtain access to higher privileged connections or potentially cause\nother impact through SQL injection, by causing the PQescape()\nfunctions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check\nauthorization on certain statements involved with 'INSERT ... ON\nCONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could\nexploit this to read arbitrary bytes server memory. If the attacker\nalso had certain 'INSERT' and limited 'UPDATE' privileges to a\nparticular table, they could exploit this to update other columns in\nthe same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack\nextension, did not follow the same ACLs than pg_rorate_logfile. If the\nadminpack is added to a database, an attacker able to connect to it\ncould use this flaw to force log rotation.(CVE-2018-1115 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1119.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update postgresql96' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-plpython27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-contrib-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-debuginfo-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-devel-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-docs-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-libs-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plperl-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython26-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-plpython27-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-server-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-static-9.6.11-1.82.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql96-test-9.6.11-1.82.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql96 / postgresql96-contrib / postgresql96-debuginfo / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-03-27T15:22:42", "description": "This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with 'CREATE TABLE' privileges could have exploited this to read arbitrary bytes server memory. If the attacker also had certain 'INSERT' and limited 'UPDATE' privileges to a particular table, they could have exploited this to update other columns in the same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql10 (openSUSE-2019-659)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-32bit", "p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-659.NASL", "href": "https://www.tenable.com/plugins/nessus/123286", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-659.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123286);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n\n script_name(english:\"openSUSE Security Update : postgresql10 (openSUSE-2019-659)\");\n script_summary(english:\"Check for the openSUSE-2019-659 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for postgresql10 fixes the following issues :\n\nPostgreSQL 10 was updated to 10.5 :\n\n- https://www.postgresql.org/about/news/1851/\n\n- https://www.postgresql.org/docs/current/static/release-10-5.html\n\n A dump/restore is not required for those running 10.X.\n However, if you use the adminpack extension, you should\n update it as per the first changelog entry below. Also, if\n the function marking mistakes mentioned in the second and\n third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\nSecurity issues fixed :\n\n - CVE-2018-1115: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function\n pg_logfile_rotate() is a deprecated wrapper for the core\n function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control\n rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its\n internal state between connections. If an affected\n version of libpq was used with 'host' or 'hostaddr'\n connection parameters from untrusted input, attackers\n could have bypassed client-side connection security\n features, obtain access to higher privileged connections\n or potentially cause other impact SQL injection, by\n causing the PQescape() functions to malfunction\n (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on\n certain statements involved with 'INSERT ... ON CONFLICT\n DO UPDATE'. An attacker with 'CREATE TABLE' privileges\n could have exploited this to read arbitrary bytes server\n memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they\n could have exploited this to update other columns in the\n same table (bsc#1104202).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n # https://www.postgresql.org/docs/current/static/release-10-5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-10-5.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql10 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libecpg6-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpq5-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-contrib-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-debugsource-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-devel-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plperl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-plpython-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-pltcl-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-server-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"postgresql10-test-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libecpg6-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-10.5-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpq5-32bit-debuginfo-10.5-lp150.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql10 / postgresql10-contrib / etc\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-15T13:58:36", "description": "This update for postgresql96, postgresql10 and postgresql12 fixes the following issues :\n\npostgresql10 was updated to 10.13 (bsc#1171924).\n\nhttps://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html\n\npostgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n- https://www.postgresql.org/about/news/2011/\n\n- https://www.postgresql.org/docs/10/release-10-12.html\n\npostgresql10 was updated to 10.11 :\n\n- https://www.postgresql.org/about/news/1994/\n\n- https://www.postgresql.org/docs/10/release-10-11.html\n\npostgresql12 was updated to 12.3 (bsc#1171924).\n\nBug Fixes and Improvements :\n\n - Several fixes for GENERATED columns, including an issue where it was possible to crash or corrupt data in a table when the output of the generated column was the exact copy of a physical column on the table, e.g. if the expression called a function which could return its own input.\n\n - Several fixes for ALTER TABLE, including ensuring the SET STORAGE directive is propagated to a table's indexes.\n\n - Fix a potential race condition when using DROP OWNED BY while another session is deleting the same objects.\n\n - Allow for a partition to be detached when it has inherited ROW triggers.\n\n - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a REINDEX CONCURRENTLY operation fails.\n\n - Fix crash when COLLATE is applied to an uncollatable type in a partition bound expression.\n\n - Fix performance regression in floating point overflow/underflow detection.\n\n - Several fixes for full text search, particularly with phrase searching.\n\n - Fix query-lifespan memory leak for a set-returning function used in a query's FROM clause.\n\n - Several reporting fixes for the output of VACUUM VERBOSE.\n\n - Allow input of type circle to accept the format (x,y),r, which is specified in the documentation.\n\n - Allow for the get_bit() and set_bit() functions to not fail on bytea strings longer than 256MB.\n\n - Avoid premature recycling of WAL segments during crash recovery, which could lead to WAL segments being recycled before being archived.\n\n - Avoid attempting to fetch nonexistent WAL files from archive storage during recovery by skipping irrelevant timelines.\n\n - Several fixes for logical replication and replication slots.\n\n - Fix several race conditions in synchronous standby management, including one that occurred when changing the synchronous_standby_names setting.\n\n - Several fixes for GSSAPI support, include a fix for a memory leak that occurred when using GSSAPI encryption.\n\n - Ensure that members of the pg_read_all_stats role can read all statistics views.\n\n - Fix performance regression in information_schema.triggers view.\n\n - Fix memory leak in libpq when using sslmode=verify-full.\n\n - Fix crash in psql when attempting to re-establish a failed connection.\n\n - Allow tab-completion of the filename argument to \\gx command in psql.\n\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n\n - Several other fixes for pg_dump, which include dumping comments on RLS policies and postponing restore of event triggers until the end.\n\n - Ensure pg_basebackup generates valid tar files.\n\n - pg_checksums skips tablespace subdirectories that belong to a different PostgreSQL major version\n\n - Several Windows compatibility fixes\n\nThis update also contains timezone tzdata release 2020a for DST law changes in Morocco and the Canadian Yukon, plus historical corrections for Shanghai. The America/Godthab zone has been renamed to America/Nuuk to reflect current English usage ; however, the old name remains available as a compatibility link. This also updates initdb's list of known Windows time zone names to include recent additions.\n\nFor more details, check out :\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\nOther fixes :\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.\n\npostgresql96 was updated to 9.6.19 :\n\n - CVE-2020-14350, boo#1175194: Make contrib modules' installation scripts more secure.\n\n - https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main package.\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/9.6/release-9-6-18.html\n\n - Unify the spec file to work across all current PostgreSQL versions to simplify future maintenance.\n\n - Move from the 'libs' build flavour to a 'mini' package that will only be used inside the build service and not get shipped, to avoid confusion with the debuginfo packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985) https://www.postgresql.org/about/news/2011/ https://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16:\n https://www.postgresql.org/about/news/1994/ https://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are returned by pg_config --libs\n\n - Update to 9.6.15 :\n\n - https://www.postgresql.org/about/news/1960/\n\n - https://www.postgresql.org/docs/9.6/release-9-6-15.html\n\n - CVE-2019-10208, boo#1145092: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static library.\n\n - Update to 9.6.14:\n https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-13.html\n\n - https://www.postgresql.org/about/news/1939/\n\n - CVE-2019-10130, boo#1134689: Prevent row-level security policies from being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-12.html\n\n - https://www.postgresql.org/about/news/1920/\n\n - By default, panic instead of retrying after fsync() failure, to avoid possible data corruption.\n\n - Numerous other bug fixes.\n\n - Overhaul README.SUSE\n\n - Update to 9.6.11 :\n\n - Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n\n - Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will be introduced in postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9\n -6-10.html\n\n - CVE-2018-10915, boo#1104199: Fix failure to reset libpq's state fully between connection attempts.\n\n - CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT UPDATE through a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9:\n https://www.postgresql.org/about/news/1851/ https://www.postgresql.org/docs/current/static/release-9\n -6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs.\n\n - CVE-2018-1115, boo#1091610: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper for the core function pg_rotate_logfile(). When that function was changed to rely on SQL privileges for access control rather than a hard-coded superuser check, pg_logfile_rotate() should have been updated as well, but the need for this was missed. Hence, if adminpack is installed, any user could request a logfile rotation, creating a minor security issue. After installing this update, administrators should update adminpack by performing ALTER EXTENSION adminpack UPDATE in each database in which adminpack is installed.\n\n - Fix incorrect volatility markings on a few built-in functions\n\n - Fix incorrect parallel-safety markings on a few built-in functions.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}, "published": "2020-08-18T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql96 / postgresql10 and postgresql12 (openSUSE-2020-1227)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115", "CVE-2019-10130", "CVE-2019-10208", "CVE-2020-14350", "CVE-2020-1720"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-llvmjit", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-devel", "p-cpe:/a:novell:opensuse:postgresql-test", "p-cpe:/a:novell:opensuse:postgresql10", "p-cpe:/a:novell:opensuse:postgresql10-contrib", "p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-debugsource", "p-cpe:/a:novell:opensuse:postgresql10-devel", "p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plperl", "p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-plpython", "p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-pltcl", "p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-server", "p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql10-test", "p-cpe:/a:novell:opensuse:postgresql12", "p-cpe:/a:novell:opensuse:postgresql12-contrib", "p-cpe:/a:novell:opensuse:postgresql12-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-debugsource", "p-cpe:/a:novell:opensuse:postgresql12-devel", "p-cpe:/a:novell:opensuse:postgresql12-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit", "p-cpe:/a:novell:opensuse:postgresql12-llvmjit-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-plperl", "p-cpe:/a:novell:opensuse:postgresql12-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-plpython", "p-cpe:/a:novell:opensuse:postgresql12-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-pltcl", "p-cpe:/a:novell:opensuse:postgresql12-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-server", "p-cpe:/a:novell:opensuse:postgresql12-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-server-devel", "p-cpe:/a:novell:opensuse:postgresql12-server-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql12-test", "p-cpe:/a:novell:opensuse:postgresql96", "p-cpe:/a:novell:opensuse:postgresql96-contrib", "p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-debugsource", "p-cpe:/a:novell:opensuse:postgresql96-devel", "p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plperl", "p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-plpython", "p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-pltcl", "p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-server", "p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo", "p-cpe:/a:novell:opensuse:postgresql96-test", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1227.NASL", "href": "https://www.tenable.com/plugins/nessus/139655", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1227.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139655);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\", \"CVE-2019-10130\", \"CVE-2019-10208\", \"CVE-2020-14350\", \"CVE-2020-1720\");\n script_xref(name:\"IAVB\", value:\"2020-B-0047-S\");\n\n script_name(english:\"openSUSE Security Update : postgresql96 / postgresql10 and postgresql12 (openSUSE-2020-1227)\");\n script_summary(english:\"Check for the openSUSE-2020-1227 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for postgresql96, postgresql10 and postgresql12 fixes the\nfollowing issues :\n\npostgresql10 was updated to 10.13 (bsc#1171924).\n\nhttps://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/10/release-10-13.html\n\npostgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n- https://www.postgresql.org/about/news/2011/\n\n- https://www.postgresql.org/docs/10/release-10-12.html\n\npostgresql10 was updated to 10.11 :\n\n- https://www.postgresql.org/about/news/1994/\n\n- https://www.postgresql.org/docs/10/release-10-11.html\n\npostgresql12 was updated to 12.3 (bsc#1171924).\n\nBug Fixes and Improvements :\n\n - Several fixes for GENERATED columns, including an issue\n where it was possible to crash or corrupt data in a\n table when the output of the generated column was the\n exact copy of a physical column on the table, e.g. if\n the expression called a function which could return its\n own input.\n\n - Several fixes for ALTER TABLE, including ensuring the\n SET STORAGE directive is propagated to a table's\n indexes.\n\n - Fix a potential race condition when using DROP OWNED BY\n while another session is deleting the same objects.\n\n - Allow for a partition to be detached when it has\n inherited ROW triggers.\n\n - Several fixes for REINDEX CONCURRENTLY, particularly\n with issues when a REINDEX CONCURRENTLY operation fails.\n\n - Fix crash when COLLATE is applied to an uncollatable\n type in a partition bound expression.\n\n - Fix performance regression in floating point\n overflow/underflow detection.\n\n - Several fixes for full text search, particularly with\n phrase searching.\n\n - Fix query-lifespan memory leak for a set-returning\n function used in a query's FROM clause.\n\n - Several reporting fixes for the output of VACUUM\n VERBOSE.\n\n - Allow input of type circle to accept the format (x,y),r,\n which is specified in the documentation.\n\n - Allow for the get_bit() and set_bit() functions to not\n fail on bytea strings longer than 256MB.\n\n - Avoid premature recycling of WAL segments during crash\n recovery, which could lead to WAL segments being\n recycled before being archived.\n\n - Avoid attempting to fetch nonexistent WAL files from\n archive storage during recovery by skipping irrelevant\n timelines.\n\n - Several fixes for logical replication and replication\n slots.\n\n - Fix several race conditions in synchronous standby\n management, including one that occurred when changing\n the synchronous_standby_names setting.\n\n - Several fixes for GSSAPI support, include a fix for a\n memory leak that occurred when using GSSAPI encryption.\n\n - Ensure that members of the pg_read_all_stats role can\n read all statistics views.\n\n - Fix performance regression in\n information_schema.triggers view.\n\n - Fix memory leak in libpq when using sslmode=verify-full.\n\n - Fix crash in psql when attempting to re-establish a\n failed connection.\n\n - Allow tab-completion of the filename argument to \\gx\n command in psql.\n\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n\n - Several other fixes for pg_dump, which include dumping\n comments on RLS policies and postponing restore of event\n triggers until the end.\n\n - Ensure pg_basebackup generates valid tar files.\n\n - pg_checksums skips tablespace subdirectories that belong\n to a different PostgreSQL major version\n\n - Several Windows compatibility fixes\n\nThis update also contains timezone tzdata release 2020a for DST law\nchanges in Morocco and the Canadian Yukon, plus historical corrections\nfor Shanghai. The America/Godthab zone has been renamed to\nAmerica/Nuuk to reflect current English usage ; however, the old name\nremains available as a compatibility link. This also updates initdb's\nlist of known Windows time zone names to include recent additions.\n\nFor more details, check out :\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\nOther fixes :\n\n - Let postgresqlXX conflict with postgresql-noarch <\n 12.0.1 to get a clean and complete cutover to the new\n packaging schema.\n\npostgresql96 was updated to 9.6.19 :\n\n - CVE-2020-14350, boo#1175194: Make contrib modules'\n installation scripts more secure.\n\n - https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main\n package.\n\n - Let postgresqlXX conflict with postgresql-noarch <\n 12.0.1 to get a clean and complete cutover to the new\n packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/\n https://www.postgresql.org/docs/9.6/release-9-6-18.html\n\n - Unify the spec file to work across all current\n PostgreSQL versions to simplify future maintenance.\n\n - Move from the 'libs' build flavour to a 'mini' package\n that will only be used inside the build service and not\n get shipped, to avoid confusion with the debuginfo\n packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985)\n https://www.postgresql.org/about/news/2011/\n https://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16:\n https://www.postgresql.org/about/news/1994/\n https://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are\n returned by pg_config --libs\n\n - Update to 9.6.15 :\n\n - https://www.postgresql.org/about/news/1960/\n\n - https://www.postgresql.org/docs/9.6/release-9-6-15.html\n\n - CVE-2019-10208, boo#1145092: TYPE in pg_temp executes\n arbitrary SQL during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static\n library.\n\n - Update to 9.6.14:\n https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-13.html\n\n - https://www.postgresql.org/about/news/1939/\n\n - CVE-2019-10130, boo#1134689: Prevent row-level security\n policies from being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12 :\n\n - https://www.postgresql.org/docs/9.6/release-9-6-12.html\n\n - https://www.postgresql.org/about/news/1920/\n\n - By default, panic instead of retrying after fsync()\n failure, to avoid possible data corruption.\n\n - Numerous other bug fixes.\n\n - Overhaul README.SUSE\n\n - Update to 9.6.11 :\n\n - Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n\n - Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will\n be introduced in postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9\n -6-10.html\n\n - CVE-2018-10915, boo#1104199: Fix failure to reset\n libpq's state fully between connection attempts.\n\n - CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT\n UPDATE through a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9:\n https://www.postgresql.org/about/news/1851/\n https://www.postgresql.org/docs/current/static/release-9\n -6-9.html A dump/restore is not required for those\n running 9.6.X. However, if you use the adminpack\n extension, you should update it as per the first\n changelog entry below. Also, if the function marking\n mistakes mentioned in the second and third changelog\n entries below affect you, you will want to take steps to\n correct your database catalogs.\n\n - CVE-2018-1115, boo#1091610: Remove public execute\n privilege from contrib/adminpack's pg_logfile_rotate()\n function pg_logfile_rotate() is a deprecated wrapper for\n the core function pg_rotate_logfile(). When that\n function was changed to rely on SQL privileges for\n access control rather than a hard-coded superuser check,\n pg_logfile_rotate() should have been updated as well,\n but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation,\n creating a minor security issue. After installing this\n update, administrators should update adminpack by\n performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed.\n\n - Fix incorrect volatility markings on a few built-in\n functions\n\n - Fix incorrect parallel-safety markings on a few built-in\n functions.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1175194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1851/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1920/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1939/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1960/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1994/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/2011/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/2038/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/10/release-10-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/12/release-12-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-11.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-17.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.6/release-9-6-19.html\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-10.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-10.html\"\n );\n # https://www.postgresql.org/docs/current/static/release-9-6-9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/current/release-9-6-9.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected postgresql96 / postgresql10 and postgresql12 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10208\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql10-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-llvmjit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-server-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql12-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql96-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-contrib-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-devel-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-llvmjit-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-plperl-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-plpython-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-pltcl-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-server-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-server-devel-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql-test-12.0.1-lp151.6.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-contrib-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-contrib-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-debugsource-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-devel-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-devel-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plperl-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plperl-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plpython-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-plpython-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-pltcl-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-pltcl-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-server-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-server-debuginfo-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql10-test-10.13-lp151.2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-contrib-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-contrib-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-debugsource-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-devel-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-devel-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plperl-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plperl-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plpython-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-plpython-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-pltcl-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-pltcl-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-server-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-server-debuginfo-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"postgresql96-test-9.6.19-lp151.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libecpg6-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpq5-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-contrib-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-contrib-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-debugsource-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-devel-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-devel-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-llvmjit-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-llvmjit-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plperl-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plperl-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plpython-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-plpython-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-pltcl-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-pltcl-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-devel-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-server-devel-debuginfo-12.3-lp151.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"postgresql12-test-12.3-lp151.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "postgresql": [{"lastseen": "2021-07-28T14:33:18", "description": "Too-permissive access control list on function pg_logfile_rotate()", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "postgresql", "title": "Vulnerability in contrib module (CVE-2018-1115)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T19:29:00", "id": "POSTGRESQL:CVE-2018-1115", "href": "https://www.postgresql.org/support/security/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T12:15:03", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "cve", "title": "CVE-2018-1115", "cwe": ["CWE-732"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2020-12-04T18:15:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2018-1115", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2021-12-14T17:51:55", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T19:29:00", "type": "debiancve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T19:29:00", "id": "DEBIANCVE:CVE-2018-1115", "href": "https://security-tracker.debian.org/tracker/CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:06:06", "description": "9.6.9-alt0.M80P.1 built May 18, 2018 Alexei Takaseev in task [#205920](<https://git.altlinux.org/tasks/205920/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - (Fixes CVE-2018-1115)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-18T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 8 package postgresql9.6 version 9.6.9-alt0.M80P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-18T00:00:00", "id": "EAD4050F7D8442CA4AC68B5BD083F89C", "href": "https://packages.altlinux.org/en/p8/srpms/postgresql9.6/2261986839894094244", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:40", "description": "9.3.23-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.3.23\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.3 version 9.3.23-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "7B02354C0BC6D76C3892BF9DF91A7B2C", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.3/2263318467437155330", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:41", "description": "9.4.18-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.4.18\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.4 version 9.4.18-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "1439985FB2BBD6F818D68C0558B49CBF", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.4/2263314323701718895", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:43", "description": "9.5.13-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.5.13\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.5 version 9.5.13-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "6534D818C5F5A107890D02B31E442296", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.5/2263310052771801399", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:45", "description": "9.6.9-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.6 version 9.6.9-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "B4D0A4D27A15718EF93F1B5E22394CE9", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.6/2263305346357030828", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:38", "description": "10.4-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 10.4\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql10 version 10.4-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "AA8ACE971A07DD6AF2FE7B20E5FEC4D1", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql10/2263323205103686825", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:47", "description": "9.6.9-alt0.M70P.1 built May 22, 2018 Alexei Takaseev in task [#205931](<https://git.altlinux.org/tasks/205931/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 9.6.9\n - Fix CVE-2018-1115\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-22T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 7 package postgresql9.6-1C version 9.6.9-alt0.M70P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-22T00:00:00", "id": "8DA449A8BBEDF97F8E87B61EC6E9A58E", "href": "https://packages.altlinux.org/en/p7/srpms/postgresql9.6-1C/2263300752582126115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-10T03:06:03", "description": "10.4-alt0.M80P.1 built May 18, 2018 Alexei Takaseev in task [#205920](<https://git.altlinux.org/tasks/205920/>) \n--- \nMay 9, 2018 Alexei Takaseev \n \n \n - 10.4\n - (Fixes CVE-2018-1115)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-18T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 8 package postgresql10 version 10.4-alt0.M80P.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-18T00:00:00", "id": "5DD94B5885CE9E10B1AB50DB58BF4495", "href": "https://packages.altlinux.org/en/p8/srpms/postgresql10/2262001780076876511", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-29T19:32:51", "description": "PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn", "cvss3": {}, "published": "2018-05-11T00:00:00", "type": "openvas", "title": "PostgreSQL logrotate Vulnerability - May18 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310141084", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141084", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL logrotate Vulnerability - May18 (Linux)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141084\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-11 16:05:24 +0700 (Fri, 11 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PostgreSQL logrotate Vulnerability - May18 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is\n added to a database, an attacker able to connect to it could exploit this to force log rotation.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.3.x, 9.4.x, 9.5.x, 9.6.x and 10.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 10.4, 9.6.9, 9.5.13, 9.4.18, 9.3.23 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\ninstall = infos[\"location\"];\n\nif (version =~ \"^9\\.3\\.\") {\n if (version_is_less(version: version, test_version: \"9.3.23\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.23\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.18\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.18\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.5\\.\") {\n if (version_is_less(version: version, test_version: \"9.5.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.5.13\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.6\\.\") {\n if (version_is_less(version: version, test_version: \"9.6.9\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.6.9\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^10\\.\") {\n if (version_is_less(version: version, test_version: \"10.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"10.4\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-01-29T19:32:51", "description": "PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn", "cvss3": {}, "published": "2018-05-11T00:00:00", "type": "openvas", "title": "PostgreSQL logrotate Vulnerability - May18 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310141083", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310141083", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PostgreSQL logrotate Vulnerability - May18 (Windows)\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:postgresql:postgresql\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.141083\");\n script_version(\"2020-01-28T13:26:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 13:26:39 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-11 16:05:24 +0700 (Fri, 11 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2018-1115\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PostgreSQL logrotate Vulnerability - May18 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"postgresql_detect.nasl\", \"secpod_postgresql_detect_lin.nasl\", \"secpod_postgresql_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"postgresql/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"PostgreSQL is vulnerable in the adminpack extension, the\n pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is\n added to a database, an attacker able to connect to it could exploit this to force log rotation.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PostgreSQL version 9.3.x, 9.4.x, 9.5.x, 9.6.x and 10.x.\");\n\n script_tag(name:\"solution\", value:\"Update to version 10.4, 9.6.9, 9.5.13, 9.4.18, 9.3.23 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (isnull(port = get_app_port(cpe: CPE)))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\ninstall = infos[\"location\"];\n\nif (version =~ \"^9\\.3\\.\") {\n if (version_is_less(version: version, test_version: \"9.3.23\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.3.23\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.4\\.\") {\n if (version_is_less(version: version, test_version: \"9.4.18\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.4.18\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.5\\.\") {\n if (version_is_less(version: version, test_version: \"9.5.13\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.5.13\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^9\\.6\\.\") {\n if (version_is_less(version: version, test_version: \"9.6.9\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"9.6.9\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nif (version =~ \"^10\\.\") {\n if (version_is_less(version: version, test_version: \"10.4\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"10.4\", install_path: install);\n security_message(port: port, data: report);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-16T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-08550a9006", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874475", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874475", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_08550a9006_postgresql_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-08550a9006\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874475\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-16 05:55:45 +0200 (Wed, 16 May 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-08550a9006\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-08550a9006\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NA2SLO2H3VN7ZFCC5SXF462EOCXC7Q2Q\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~10.4~1.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-06-04T16:47:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-06-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:1709-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310851787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851787", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851787\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-06-16 05:50:32 +0200 (Sat, 16 Jun 2018)\");\n script_cve_id(\"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:1709-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql96'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PostgreSQL was updated to 9.6.9 fixing bugs and security issues.\n\n A dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n This update was imported from the SUSE:SLE-12:Update update project.\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-638=1\");\n\n script_tag(name:\"affected\", value:\"postgresql96 on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1709-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-06/msg00029.html\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/about/news/1851/\");\n script_xref(name:\"URL\", value:\"https://www.postgresql.org/docs/current/static/release-9-6-9.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6\", rpm:\"libecpg6~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo\", rpm:\"libecpg6-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5\", rpm:\"libpq5~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo\", rpm:\"libpq5-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96\", rpm:\"postgresql96~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib\", rpm:\"postgresql96-contrib~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-contrib-debuginfo\", rpm:\"postgresql96-contrib-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debuginfo\", rpm:\"postgresql96-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-debugsource\", rpm:\"postgresql96-debugsource~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel\", rpm:\"postgresql96-devel~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-devel-debuginfo\", rpm:\"postgresql96-devel-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-libs-debugsource\", rpm:\"postgresql96-libs-debugsource~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl\", rpm:\"postgresql96-plperl~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plperl-debuginfo\", rpm:\"postgresql96-plperl-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython\", rpm:\"postgresql96-plpython~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-plpython-debuginfo\", rpm:\"postgresql96-plpython-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl\", rpm:\"postgresql96-pltcl~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-pltcl-debuginfo\", rpm:\"postgresql96-pltcl-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server\", rpm:\"postgresql96-server~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-server-debuginfo\", rpm:\"postgresql96-server-debuginfo~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-test\", rpm:\"postgresql96-test~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit\", rpm:\"libecpg6-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo-32bit\", rpm:\"libecpg6-debuginfo-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit\", rpm:\"libpq5-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo-32bit\", rpm:\"libpq5-debuginfo-32bit~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql96-docs\", rpm:\"postgresql96-docs~9.6.9~18.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-937c789f2a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_937c789f2a_postgresql_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-937c789f2a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:38 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-937c789f2a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-937c789f2a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-05-22T00:00:00", "type": "openvas", "title": "Fedora Update for postgresql FEDORA-2018-bd6f9237b5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874591", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874591", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_bd6f9237b5_postgresql_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for postgresql FEDORA-2018-bd6f9237b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874591\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 05:08:42 +0200 (Tue, 22 May 2018)\");\n script_cve_id(\"CVE-2017-15097\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for postgresql FEDORA-2018-bd6f9237b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"postgresql on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-bd6f9237b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.6.9~1.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:35:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:2599-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915", "CVE-2018-1115"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851957", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851957\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-10915\", \"CVE-2018-10925\", \"CVE-2018-1115\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:22:52 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for postgresql10 (openSUSE-SU-2018:2599-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:2599-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-09/msg00006.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql10'\n package(s) announced via the openSUSE-SU-2018:2599-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for postgresql10 fixes the following issues:\n\n A dump/restore is not required for those running 10.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issues fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n 'host' or 'hostaddr' connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with 'INSERT ... ON CONFLICT DO UPDATE'. An attacker with\n 'CREATE TABLE' privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain 'INSERT' and\n limited 'UPDATE' privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-955=1\");\n\n script_tag(name:\"affected\", value:\"postgresql10 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6\", rpm:\"libecpg6~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-debuginfo\", rpm:\"libecpg6-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5\", rpm:\"libpq5~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-debuginfo\", rpm:\"libpq5-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10\", rpm:\"postgresql10~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-contrib\", rpm:\"postgresql10-contrib~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-contrib-debuginfo\", rpm:\"postgresql10-contrib-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-debuginfo\", rpm:\"postgresql10-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-debugsource\", rpm:\"postgresql10-debugsource~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-devel\", rpm:\"postgresql10-devel~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-devel-debuginfo\", rpm:\"postgresql10-devel-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plperl\", rpm:\"postgresql10-plperl~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plperl-debuginfo\", rpm:\"postgresql10-plperl-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plpython\", rpm:\"postgresql10-plpython~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-plpython-debuginfo\", rpm:\"postgresql10-plpython-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-pltcl\", rpm:\"postgresql10-pltcl~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-pltcl-debuginfo\", rpm:\"postgresql10-pltcl-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-server\", rpm:\"postgresql10-server~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-server-debuginfo\", rpm:\"postgresql10-server-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-test\", rpm:\"postgresql10-test~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit\", rpm:\"libecpg6-32bit~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libecpg6-32bit-debuginfo\", rpm:\"libecpg6-32bit-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit\", rpm:\"libpq5-32bit~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpq5-32bit-debuginfo\", rpm:\"libpq5-32bit-debuginfo~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql10-docs\", rpm:\"postgresql10-docs~10.5~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "suse": [{"lastseen": "2018-07-06T01:46:30", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1115"], "description": "This update for postgresql95 fixes the following issues:\n\n - Update to PostgreSQL 9.5.13:\n * <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/9.5/static/release-9-5-13.html\">https://www.postgresql.org/docs/9.5/static/release-9-5-13.html</a> A\n dump/restore is not required for those running 9.5.X. However, if the\n function marking mistakes mentioned belowpg_logfile_rotate affect you,\n you will want to take steps to correct your database catalogs.\n\n The functions query_to_xml, cursor_to_xml, cursor_to_xmlschema,\n query_to_xmlschema, and query_to_xml_and_xmlschema should be marked\n volatile because they execute user-supplied queries that might contain\n volatile operations. They were not, leading to a risk of incorrect query\n optimization. This has been repaired for new installations by correcting\n the initial catalog data, but existing installations will continue to\n contain the incorrect markings. Practical use of these functions seems to\n pose little hazard, but in case of trouble, it can be fixed by manually\n updating these functions' pg_proc entries, for example: ALTER FUNCTION\n pg_catalog.query_to_xml(text, boolean, boolean, text) VOLATILE. (Note that\n that will need to be done in each database of the installation.) Another\n option is to pg_upgrade the database to a version containing the corrected\n initial data.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n", "modified": "2018-07-06T00:11:08", "published": "2018-07-06T00:11:08", "id": "OPENSUSE-SU-2018:1900-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00004.html", "type": "suse", "title": "Recommended update for postgresql95 (moderate)", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-16T03:06:24", "description": "PostgreSQL was updated to 9.6.9 fixing bugs and security issues:\n\n Release notes:\n\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/about/news/1851/\">https://www.postgresql.org/about/news/1851/</a>\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/current/static/release-9-6-9.html\">https://www.postgresql.org/docs/current/static/release-9-6-9.html</a>\n\n A dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issue fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed. (bsc#1091610)\n\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "cvss3": {}, "published": "2018-06-16T00:07:53", "type": "suse", "title": "Security update for postgresql96 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-1115"], "modified": "2018-06-16T00:07:53", "id": "OPENSUSE-SU-2018:1709-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-06/msg00029.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-04T13:45:05", "description": "This update for postgresql10 fixes the following issues:\n\n PostgreSQL 10 was updated to 10.5:\n\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/about/news/1851/\">https://www.postgresql.org/about/news/1851/</a>\n - <a rel=\"nofollow\" href=\"https://www.postgresql.org/docs/current/static/release-10-5.html\">https://www.postgresql.org/docs/current/static/release-10-5.html</a>\n\n A dump/restore is not required for those running 10.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned in\n the second and third changelog entries below affect you, you will want to\n take steps to correct your database catalogs.\n\n Security issues fixed:\n\n - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's\n pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper\n for the core function pg_rotate_logfile(). When that function was\n changed to rely on SQL privileges for access control rather than a\n hard-coded superuser check, pg_logfile_rotate() should have been updated\n as well, but the need for this was missed. Hence, if adminpack is\n installed, any user could request a logfile rotation, creating a minor\n security issue. After installing this update, administrators should\n update adminpack by performing ALTER EXTENSION adminpack UPDATE in each\n database in which adminpack is installed (bsc#1091610).\n - CVE-2018-10915: libpq failed to properly reset its internal state\n between connections. If an affected version of libpq was used with\n "host" or "hostaddr" connection parameters from untrusted input,\n attackers could have bypassed client-side connection security features,\n obtain access to higher privileged connections or potentially cause\n other impact SQL injection, by causing the PQescape() functions to\n malfunction (bsc#1104199)\n - CVE-2018-10925: Add missing authorization check on certain statements\n involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with\n "CREATE TABLE" privileges could have exploited this to read arbitrary\n bytes server memory. If the attacker also had certain "INSERT" and\n limited "UPDATE" privileges to a particular table, they could have\n exploited this to update\n other columns in the same table (bsc#1104202).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "cvss3": {}, "published": "2018-09-04T12:08:24", "type": "suse", "title": "Security update for postgresql10 (moderate)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2018-10925", "CVE-2018-10915", "CVE-2018-1115"], "modified": "2018-09-04T12:08:24", "id": "OPENSUSE-SU-2018:2599-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00006.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2022-04-18T12:41:10", "description": "An update that solves 7 vulnerabilities and has two fixes\n is now available.\n\nDescription:\n\n This update for postgresql96, postgresql10 and postgresql12 fixes the\n following issues:\n\n postgresql10 was updated to 10.13 (bsc#1171924).\n\n https://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/10/release-10-13.html\n\n postgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)\n\n - https://www.postgresql.org/about/news/2011/\n - https://www.postgresql.org/docs/10/release-10-12.html\n\n postgresql10 was updated to 10.11:\n\n - https://www.postgresql.org/about/news/1994/\n - https://www.postgresql.org/docs/10/release-10-11.html\n\n\n postgresql12 was updated to 12.3 (bsc#1171924).\n\n Bug Fixes and Improvements:\n\n - Several fixes for GENERATED columns, including an issue where it was\n possible to crash or corrupt data in a table when the output of the\n generated column was the exact copy of a physical column on the table,\n e.g. if the expression called a function which could return its own\n input.\n - Several fixes for ALTER TABLE, including ensuring the SET STORAGE\n directive is propagated to a table's indexes.\n - Fix a potential race condition when using DROP OWNED BY while another\n session is deleting the same objects.\n - Allow for a partition to be detached when it has inherited ROW triggers.\n - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a\n REINDEX CONCURRENTLY operation fails.\n - Fix crash when COLLATE is applied to an uncollatable type in a partition\n bound expression.\n - Fix performance regression in floating point overflow/underflow\n detection.\n - Several fixes for full text search, particularly with phrase searching.\n - Fix query-lifespan memory leak for a set-returning function used in a\n query's FROM clause.\n - Several reporting fixes for the output of VACUUM VERBOSE.\n - Allow input of type circle to accept the format (x,y),r, which is\n specified in the documentation.\n - Allow for the get_bit() and set_bit() functions to not fail on bytea\n strings longer than 256MB.\n - Avoid premature recycling of WAL segments during crash recovery, which\n could lead to WAL segments being recycled before being archived.\n - Avoid attempting to fetch nonexistent WAL files from archive storage\n during recovery by skipping irrelevant timelines.\n - Several fixes for logical replication and replication slots.\n - Fix several race conditions in synchronous standby management, including\n one that occurred when changing the synchronous_standby_names setting.\n - Several fixes for GSSAPI support, include a fix for a memory leak that\n occurred when using GSSAPI encryption.\n - Ensure that members of the pg_read_all_stats role can read all\n statistics views.\n - Fix performance regression in information_schema.triggers view.\n - Fix memory leak in libpq when using sslmode=verify-full.\n - Fix crash in psql when attempting to re-establish a failed connection.\n - Allow tab-completion of the filename argument to \\gx command in psql.\n - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.\n - Several other fixes for pg_dump, which include dumping comments on RLS\n policies and postponing restore of event triggers until the end.\n - Ensure pg_basebackup generates valid tar files.\n - pg_checksums skips tablespace subdirectories that belong to a different\n PostgreSQL major version\n - Several Windows compatibility fixes\n\n This update also contains timezone tzdata release 2020a for DST law\n changes in Morocco and the Canadian Yukon, plus historical corrections for\n Shanghai. The America/Godthab zone has been renamed to America/Nuuk to\n reflect current English usage ; however, the old name remains available as\n a compatibility link. This also updates initdb's list of known Windows\n time zone names to include recent additions.\n\n For more details, check out:\n\n - https://www.postgresql.org/docs/12/release-12-3.html\n\n Other fixes:\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean\n and complete cutover to the new packaging schema.\n\n\n postgresql96 was updated to 9.6.19:\n\n * CVE-2020-14350, boo#1175194: Make contrib modules' installation\n scripts more secure.\n * https://www.postgresql.org/docs/9.6/release-9-6-19.html\n\n - Pack the /usr/lib/postgresql symlink only into the main package.\n\n - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean\n and complete cutover to the new packaging schema.\n\n - update to 9.6.18 (boo#1171924).\n https://www.postgresql.org/about/news/2038/\nhttps://www.postgresql.org/docs/9.6/release-9-6-18.html\n - Unify the spec file to work across all current PostgreSQL versions to\n simplify future maintenance.\n - Move from the \"libs\" build flavour to a \"mini\" package that will\n only be used inside the build service and not get shipped, to avoid\n confusion with the debuginfo packages (boo#1148643).\n\n - update to 9.6.17 (CVE-2020-1720, boo#1163985)\n https://www.postgresql.org/about/news/2011/\nhttps://www.postgresql.org/docs/9.6/release-9-6-17.html\n\n - use and package the sha256 checksum for for source\n\n - update to 9.6.16: https://www.postgresql.org/about/news/1994/\nhttps://www.postgresql.org/docs/9.6/release-9-6-16.html\n\n - add requires to the devel package for the libs that are returned by\n pg_config --libs\n\n - Update to 9.6.15:\n * https://www.postgresql.org/about/news/1960/\n * https://www.postgresql.org/docs/9.6/release-9-6-15.html\n * CVE-2019-10208, boo#1145092: TYPE in pg_temp executes arbitrary SQL\n during SECURITY DEFINER execution.\n\n - Use FAT LTO objects in order to provide proper static library.\n\n - Update to 9.6.14: https://www.postgresql.org/docs/9.6/release-9-6-14.html\n\n - Update to 9.6.13:\n * https://www.postgresql.org/docs/9.6/release-9-6-13.html\n * https://www.postgresql.org/about/news/1939/\n * CVE-2019-10130, boo#1134689: Prevent row-level security policies from\n being bypassed via selectivity estimators.\n\n - Make the server-devel package exclusive across versions.\n\n - Update to 9.6.12:\n * https://www.postgresql.org/docs/9.6/release-9-6-12.html\n * https://www.postgresql.org/about/news/1920/\n * By default, panic instead of retrying after fsync() failure, to avoid\n possible data corruption.\n * Numerous other bug fixes.\n - Overhaul README.SUSE\n\n - Update to 9.6.11:\n * Numerous bug fixes, see the release notes:\n https://www.postgresql.org/docs/9.6/release-9-6-11.html\n * Remove unneeded library dependencies from PGXS.\n\n - add provides for the new server-devel package that will be introduced in\n postgresql 11\n\n - Update to 9.6.10:\n https://www.postgresql.org/docs/current/static/release-9-6-10.html\n * CVE-2018-10915, boo#1104199: Fix failure to reset libpq's state fully\n between connection attempts.\n * CVE-2018-10925, boo#1104202: Fix INSERT ... ON CONFLICT UPDATE through\n a view that isn't just SELECT * FROM ...\n\n - Update to 9.6.9: https://www.postgresql.org/about/news/1851/\nhttps://www.postgresql.org/docs/current/static/release-9-6-9.html A\n dump/restore is not required for those running 9.6.X. However, if you\n use the adminpack extension, you should update it as per the first\n changelog entry below. Also, if the function marking mistakes mentioned\n in the second and third changelog entries below affect you, you will\n want to take steps to correct your database catalogs.\n * CVE-2018-1115, boo#1091610: Remove public execute privilege from\n contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate()\n is a deprecated wrapper for the core function pg_rotate_logfile().\n When that function was changed to rely on SQL privileges for access\n control rather than a hard-coded superuser check, pg_logfile_rotate()\n should have been updated as well, but the need for this was missed.\n Hence, if adminpack is installed, any user could request a logfile\n rotation, creating a minor security issue. After installing this\n update, administrators should update adminpack by performing ALTER\n EXTENSION adminpack UPDATE in each database in which adminpack is\n installed.\n * Fix incorrect volatility markings on a few built-in functions\n * Fix incorrect parallel-safety markings on a few built-in functions.\n\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1227=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-08-17T00:00:00", "type": "suse", "title": "Security update for postgresql96, postgresql10 and postgresql12 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115", "CVE-2019-10130", "CVE-2019-10208", "CVE-2020-14350", "CVE-2020-1720"], "modified": "2020-08-17T00:00:00", "id": "OPENSUSE-SU-2020:1227-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RPLLEO7T4JPO4J5JMG2O4ZTONMNDEL64/", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2021-08-18T11:13:52", "description": "### *Detect date*:\n05/10/2018\n\n### *Severity*:\nHigh\n\n### *Description*:\nA security bypass vulnerability was found in PostgreSQL. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a built-in module \u201cadminpack\u201d.\n\n### *Affected products*:\nPostgreSQL 10.x earlier than 10.4 \nPostgreSQL 9.6.x earlier than 9.6.9 \nPostgreSQL 9.5.x earlier than 9.5.13 \nPostgreSQL 9.4.x earlier than 9.4.18 \nPostgreSQL 9.3.x earlier than 9.3.23\n\n### *Solution*:\nUpdate to latest version \n[Download PostgreSQL](<https://www.postgresql.org/download/windows/>)\n\n### *Original advisories*:\n[PostgreSQL 10.4, 9.6.9, 9.5.13, 9.4.18, and 9.3.23 released!](<https://www.postgresql.org/about/news/1851/>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[PostgreSQL](<https://threats.kaspersky.com/en/product/PostgreSQL/>)\n\n### *CVE-IDS*:\n[CVE-2018-1115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1115>)6.4High", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-10T00:00:00", "type": "kaspersky", "title": "KLA11263 DoS vulnerability in PostgreSQL", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2020-06-03T00:00:00", "id": "KLA11263", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11263/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-05-12T18:23:18", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: postgresql-10.4-1.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-12T18:23:18", "id": "FEDORA:7FADD604D40F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NA2SLO2H3VN7ZFCC5SXF462EOCXC7Q2Q/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:01:30", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: postgresql-9.6.9-1.fc26", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:01:30", "id": "FEDORA:1EF0760608FF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/R5BCV35OZRLWMLCQQ7HSUP4S64I4XKWI/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "PostgreSQL is an advanced Object-Relational database management system (DBM S). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. ", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-21T14:20:53", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: postgresql-9.6.9-1.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15097", "CVE-2018-1115"], "modified": "2018-05-21T14:20:53", "id": "FEDORA:44D0E60603F2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7WZYWTXOZYTG4RUI5ZIF45RBRYQ4QRXO/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2022-07-07T11:10:23", "description": "It was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-12T13:20:24", "type": "redhatcve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2022-07-07T10:11:38", "id": "RH:CVE-2018-1115", "href": "https://access.redhat.com/security/cve/cve-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:49:51", "description": "postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack\nextension, the pg_catalog.pg_logfile_rotate() function doesn't follow the\nsame ACLs than pg_rorate_logfile. If the adminpack is added to a database,\nan attacker able to connect to it could exploit this to force log rotation.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1115>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | 9.6 and 10 only\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-05-10T00:00:00", "type": "ubuntucve", "title": "CVE-2018-1115", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1115"], "modified": "2018-05-10T00:00:00", "id": "UB:CVE-2018-1115", "href": "https://ubuntu.com/security/CVE-2018-1115", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:04:13", "description": "### Background\n\nPostgreSQL is an open source object-relational database management system. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. \n\nIn addition it was discovered that Gentoo\u2019s PostgreSQL installation suffered from a privilege escalation vulnerability due to a runscript which called OpenRC\u2019s checkpath() on a user controlled path and allowed user running PostgreSQL to kill arbitrary processes via PID file manipulation. \n\n### Impact\n\nA remote attacker could bypass certain client-side connection security features, read arbitrary server memory or alter certain data. \n\nIn addition, a local attacker could gain privileges or cause a Denial of Service condition by killing arbitrary processes. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PostgreSQL users up to 9.3 should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.3.24:9.3\"\n \n\nAll PostgreSQL 9.4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.4.19:9.4\"\n \n\nAll PostgreSQL 9.5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.5.14:9.5\"\n \n\nAll PostgreSQL 9.6 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.6.10:9.6\"\n \n\nAll PostgreSQL 10 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-10.5:10\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-10-30T00:00:00", "type": "gentoo", "title": "PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-10-30T00:00:00", "id": "GLSA-201810-08", "href": "https://security.gentoo.org/glsa/201810-08", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:25:27", "description": "**Issue Overview:**\n\nA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with \"host\" or \"hostaddr\" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction.(CVE-2018-10915)\n\nIt was discovered that PostgreSQL failed to properly check authorization on certain statements involved with \"INSERT ... ON CONFLICT DO UPDATE\". An attacker with \"CREATE TABLE\" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain \"INSERT\" and limited \"UPDATE\" privileges to a particular table, they could exploit this to update other columns in the same table.(CVE-2018-10925)\n\nIt was found that pg_catalog.pg_logfile_rotate(), from the adminpack extension, did not follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could use this flaw to force log rotation.(CVE-2018-1115 )\n\n \n**Affected Packages:** \n\n\npostgresql96\n\n \n**Issue Correction:** \nRun _yum update postgresql96_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.11-1.82.amzn1.i686 \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.11-1.82.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 postgresql96-contrib-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-debuginfo-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-static-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-test-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-docs-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-libs-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plperl-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-devel-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython26-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-plpython27-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-server-9.6.11-1.82.amzn1.x86_64 \n \u00a0\u00a0\u00a0 postgresql96-9.6.11-1.82.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-12-06T16:58:00", "type": "amazon", "title": "Important: postgresql96", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-12-07T01:16:00", "id": "ALAS-2018-1119", "href": "https://alas.aws.amazon.com/ALAS-2018-1119.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:41:00", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql10-postgresql (10.5). (BZ#1612673, BZ#1614337)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: Too-permissive access control list on function pg_logfile_rotate() (CVE-2018-1115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; and Stephen Frost as the original reporter of CVE-2018-1115.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-08-27T07:54:02", "type": "redhat", "title": "(RHSA-2018:2565) Important: rh-postgresql10-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-08-27T08:00:08", "id": "RHSA-2018:2565", "href": "https://access.redhat.com/errata/RHSA-2018:2565", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:01", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: rh-postgresql96-postgresql (9.6.10). (BZ#1614340)\n\nSecurity Fix(es):\n\n* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)\n\n* postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements (CVE-2018-10925)\n\n* postgresql: Memory disclosure in JSON functions (CVE-2017-15098)\n\n* postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask (CVE-2018-1053)\n\n* postgresql: Uncontrolled search path element in pg_dump and other client applications (CVE-2018-1058)\n\n* postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges (CVE-2017-15099)\n\n* postgresql: Too-permissive access control list on function pg_logfile_rotate() (CVE-2018-1115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the PostgreSQL project for reporting CVE-2018-10915, CVE-2018-10925, CVE-2017-15098, CVE-2018-1053, CVE-2017-15099, and CVE-2018-1115. Upstream acknowledges Andrew Krasichkov as the original reporter of CVE-2018-10915; David Rowley as the original reporter of CVE-2017-15098; Tom Lane as the original reporter of CVE-2018-1053; Dean Rasheed as the original reporter of CVE-2017-15099; and Stephen Frost as the original reporter of CVE-2018-1115.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2018-08-27T07:54:53", "type": "redhat", "title": "(RHSA-2018:2566) Important: rh-postgresql96-postgresql security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15098", "CVE-2017-15099", "CVE-2018-1053", "CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-08-27T08:06:23", "id": "RHSA-2018:2566", "href": "https://access.redhat.com/errata/RHSA-2018:2566", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database (CVE-2018-1058). Postgresql 9.6.x before 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation (CVE-2018-1115). Andrew Krasichkov discovered that libpq did not reset all its connection state during reconnects (CVE-2018-10915). It was discovered that some \"CREATE TABLE\" statements could disclose server memory (CVE-2018-10925). Fully fixing these security issues requires manual intervention. See the upstream advisories for details. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2018-11-15T22:04:32", "type": "mageia", "title": "Updated postgresql9.4|6 packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1058", "CVE-2018-10915", "CVE-2018-10925", "CVE-2018-1115"], "modified": "2018-11-15T22:04:32", "id": "MGASA-2018-0446", "href": "https://advisories.mageia.org/MGASA-2018-0446.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}