Linux Distros Unpatched Vulnerability : CVE-2014-0067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The make check command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a...
RHEL 5 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Improper randomization of pgcrypto functions requiring random seed CVE-2013-1900 - postgresql...
RHEL 6 : postgresql (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - postgresql: Start scripts permit database administrator to modify root-owned files CVE-2017-15097 -...
Debian: Security Advisory (DLA-0019)
The remote host is missing an update for the Debian...
SUSE CVE-2014-0067
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster...
SUSE: Security Advisory (SUSE-SU-2014:0461-1)
The remote host is missing an update for the...
Amazon Linux: Security Advisory (ALAS-2015-492)
The remote host is missing an update for the...
PostgreSQL 9.0 < 9.0.19 / 9.1 < 9.1.15 / 9.2 < 9.2.10 / 9.3 < 9.3.6 / 9.4 < 9.4.1 Multiple Vulnerabilities
Debian DLA-19-1 : postgresql-8.4 update
New upstream minor release. Users should upgrade to this version at their next scheduled maintenance window. Noteworthy change : Secure Unix-domain sockets of temporary postmasters started during make check Noah Misch Any local user able to access the socket file could connect as the server's...
Amazon Linux AMI : postgresql92 (ALAS-2015-492)
A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user...
[DLA-0019-1] postgresql-8.4 update
Debian Security Advisory DLA-0019-1 https://wiki.debian.org/LTS Package : postgresql-8.4 Version : 8.4.22-0+deb6u1 CVE ID : CVE-2014-0067 New upstream minor release. Users should upgrade to this version at their next...
DLA-0019-1 postgresql-8.4 - new upstream minor release
Bulletin has no description...
UBUNTU-CVE-2014-0067
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster...
FreeBSD : PostgreSQL -- multiple privilege issues (42d42090-9a4d-11e3-b029-08002798f6ff)
PostgreSQL Project reports : This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN...
Debian DSA-2864-1 : postgresql-8.4 - several vulnerabilities
Various vulnerabilities were discovered in PostgreSQL : - CVE-2014-0060 Shore up GRANT ... WITH ADMIN OPTION restrictions Noah Misch Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily...
[SECURITY] [DSA 2865-1] postgresql-9.1 security update
Debian Security Advisory DSA-2865-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 20, 2014 http://www.debian.org/security/faq...
[SECURITY] [DSA 2864-1] postgresql-8.4 security update
Debian Security Advisory DSA-2864-1 [email protected] http://www.debian.org/security/ Christoph Berg February 20, 2014 http://www.debian.org/security/faq...
Debian Security Advisory DSA 2864-1 (postgresql-8.4 - several vulnerabilities)
Various vulnerabilities were discovered in PostgreSQL: CVE-2014-0060 Shore up GRANT ... WITH ADMIN OPTION restrictions Noah Misch Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed...
DSA-2864-1 postgresql-8.4 - several
Bulletin has no description...
PostgreSQL -- multiple privilege issues
PostgreSQL Project reports: This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN...