6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
58.8%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2012-June/018698.html");
script_oid("1.3.6.1.4.1.25623.1.0.881195");
script_version("2023-07-10T08:07:43+0000");
script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
script_tag(name:"creation_date", value:"2012-07-30 16:40:08 +0530 (Mon, 30 Jul 2012)");
script_cve_id("CVE-2012-2143");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_xref(name:"CESA", value:"2012:1036");
script_name("CentOS Update for postgresql CESA-2012:1036 centos5");
script_tag(name:"summary", value:"The remote host is missing an update for the 'postgresql'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS5");
script_tag(name:"affected", value:"postgresql on CentOS 5");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"insight", value:"PostgreSQL is an advanced object-relational database management system
(DBMS).
A flaw was found in the way the crypt() password hashing function from the
optional PostgreSQL pgcrypto contrib module performed password
transformation when used with the DES algorithm. If the password string to
be hashed contained the 0x80 byte value, the remainder of the string was
ignored when calculating the hash, significantly reducing the password
strength. This made brute-force guessing more efficient as the whole
password was not required to gain access to protected resources.
(CVE-2012-2143)
Note: With this update, the rest of the string is properly included in the
DES hash. Therefore, any previously stored password values that are
affected by this issue will no longer match. In such cases, it will be
necessary for those stored password hashes to be updated.
Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters
of this issue.
All PostgreSQL users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. If the postgresql
service is running, it will be automatically restarted after installing
this update.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS5")
{
if ((res = isrpmvuln(pkg:"postgresql", rpm:"postgresql~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-contrib", rpm:"postgresql-contrib~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-devel", rpm:"postgresql-devel~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-docs", rpm:"postgresql-docs~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-libs", rpm:"postgresql-libs~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-pl", rpm:"postgresql-pl~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-python", rpm:"postgresql-python~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-server", rpm:"postgresql-server~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-tcl", rpm:"postgresql-tcl~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"postgresql-test", rpm:"postgresql-test~8.1.23~5.el5_8", rls:"CentOS5")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}