Debian Security Advisory DSA 3475-1 (postgresql-9.1 - security update)

Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. CVE-2015-5288 Josh Kupershmidt discovered a vulnerability in the crypt function in the pgCrypto extension. Certain invalid salt arguments can cause the server to crash or to disclose a few bytes of server memory...

Viper - Cracking Unix Passwords Brute Force

Viper is a prute force UNIX-style password cracker for passwords encrypt with crypt. It has been developed from Hale's viper 1.4 Perl program. While there are other more powerful crack programs out, this one is about studying the safety of passwords while hardware speed is increasing drastically...

Amazon Linux: Security Advisory (ALAS-2015-619)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

postgresql: limited memory disclosure flaw in crypt()

A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory...

Scientific Linux Security Update : postgresql on SL6.x i386/x86_64 (20151118)

A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. CVE-2015-5288 If the postgresql service is running, it will be automatically restarted after installing thi...

postgresql: limited memory disclosure flaw in crypt()

A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory...

Moderate: Red Hat Security Advisory: postgresql92-postgresql security update

Updated postgresql92-postgresql packages that fix two security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

postgresql: limited memory disclosure flaw in crypt()

A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory...

Amazon Linux: Security Advisory (ALAS-2015-609)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

CVE-2015-5288

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a "too-short" salt...

[SECURITY] [DSA 3374-1] postgresql-9.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3374-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 19, 2015 https://www.debian.org/security/faq -...

PostgreSQL Memory Read Vulnerability

PostgreSQL is an object-relational database management system that supports an extended subset of SQL standards. A security vulnerability exists in PostgreSQL that allows remote attackers to exploit a vulnerability by submitting special data to the pgCrypto extension's crypt function to read the...

UBUNTU-CVE-2015-5288

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a "too-short" salt...

PostgreSQL -- minor security problems.

PostgreSQL project reports: Two security issues have been fixed in this release which affect users of specific PostgreSQL features. CVE-2015-5289 json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The cryp...

Vulnerability in contrib module (CVE-2015-5288)

Memory leak in crypt function...

Gentoo Security Advisory GLSA 201401-16

Gentoo Linux Local Security Checks GLSA 201401-16 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 201309-01

Gentoo Linux Local Security Checks GLSA 201309-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Amazon Linux: Security Advisory (ALAS-2011-12)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2011-7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...