Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.21 views

Debian: Security Advisory (DSA-1964-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.03644EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2010/10/11 12:0 a.m.26 views

SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 6768)

The following bugs have been fixed : An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions. CVE-2009-4136 Embedded null bytes in the common na...

6.5CVSS8.2AI score0.03644EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2010/01/19 12:0 a.m.32 views

openSUSE Security Update : postgresql (postgresql-1773)

An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions CVE-2009-4136. Embedded null bytes in the common name of SSL certificates could bypass...

6.5CVSS8.2AI score0.03644EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2010/01/19 12:0 a.m.26 views

openSUSE Security Update : postgresql (postgresql-1773)

An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions CVE-2009-4136. Embedded null bytes in the common name of SSL certificates could bypass...

6.5CVSS8.2AI score0.03644EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2010/01/19 12:0 a.m.22 views

SuSE9 Security Update : PostgreSQL (YOU Patch Number 12571)

The following bugs have been fixed : - An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions. CVE-2009-4136 - Embedded null bytes in the commo...

6.5CVSS8.2AI score0.03644EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2010/01/19 12:0 a.m.22 views

SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 6767)

The following bugs have been fixed : An unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions. CVE-2009-4136 Embedded null bytes in the common na...

6.5CVSS8.2AI score0.03644EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2010/01/15 12:0 a.m.29 views

Ubuntu Update for PostgreSQL vulnerabilities USN-876-1

Ubuntu Update for Linux kernel vulnerabilities USN-876-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN8761.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for PostgreSQL vulnerabilities USN-876-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

6.5CVSS0.2AI score0.03644EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2010/01/04 12:0 a.m.27 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerabilities (USN-876-1)

It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. CVE-2009-4034 It was...

6.5CVSS8.1AI score0.03644EPSS
Exploits5References3
Ubuntu
Ubuntu
added 2010/01/03 8:39 p.m.55 views

USN-876-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL did not properly handle certificates with NULL characters in the Common Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. CVE-2009-4034 It wa...

6.5CVSS8.2AI score0.03644EPSS
Exploits5
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.27 views

Fedora Core 12 FEDORA-2009-13381 (postgresql)

The remote host is missing an update to postgresql announced via advisory FEDORA-2009-13381. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

6.5CVSS6.7AI score0.03644EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.26 views

FreeBSD Ports: postgresql-client, postgresql-server

The remote host is missing an update to the system as announced in the referenced advisory. VID e7bc5600-eaa0-11de-bd9c-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID e7bc5600-eaa0-11de-bd9c-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

6.8CVSS6.8AI score0.05741EPSS
Exploits9
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.24 views

Fedora Core 11 FEDORA-2009-13363 (postgresql)

The remote host is missing an update to postgresql announced via advisory FEDORA-2009-13363. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...

6.5CVSS6.7AI score0.03644EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.24 views

Fedora Core 12 FEDORA-2009-13381 (postgresql)

The remote host is missing an update to postgresql announced via advisory FEDORA-2009-13381. OpenVAS Vulnerability Test $Id: fcore200913381.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13381 postgresql Authors: Thomas Reinke Copyright: Copyright ...

6.5CVSS0.4AI score0.03644EPSS
Exploits5References2
seebug.org
seebug.org
added 2009/12/29 12:0 a.m.176 views

PostgreSQL CA SSL证书验证漏洞

BUGTRAQ ID: 37334 CVE ID: CVE-2009-4034 PostgreSQL是一款高级对象-关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL没有正确地验证X.509证书主题的通用名称(CN)字符的域名中的空字符(\0),在处理包含有空字符的证书字段时错误地将空字符处理为截止字符,因此只会验证空字符前的部分。例如,对于类似于以下的名称: example.com\0.haxx.se...

5.8CVSS0.3AI score0.0213EPSS
Exploits2
seebug.org
seebug.org
added 2009/12/17 12:0 a.m.164 views

PostgreSQL空字符CA SSL整数校验安全绕过漏洞

Bugraq ID: 37334 CVE ID:CVE-2009-4034 PostgreSQL是一款对象关系型数据库管理系统,支持扩展的SQL标准子集。 处理部分证书字段中嵌入空字符的SSL证书存在错误,攻击者可以利用漏洞伪造证书,进行中间人等攻击。 SSL证书中的空字符可用于伪造客户端或服务端验证,只影响启用了SSL,执行证书名校验或客户端证书验证,而其CA已经被诱骗发布了非法证书的用户。 PostgreSQL PostgreSQL 8.4.1 PostgreSQL PostgreSQL 8.3.8 PostgreSQL PostgreSQL 8.3.6 PostgreSQL...

5.8CVSS6AI score0.0213EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2009/12/16 12:0 a.m.34 views

Mandriva Linux Security Advisory : postgresql (MDVSA-2009:333)

Multiple vulnerabilities was discovered and corrected in postgresql : NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the...

6.5CVSS7.8AI score0.06902EPSS
Exploits7References4
CVE
CVE
added 2009/12/15 6:0 p.m.131 views

CVE-2009-4034

Technical details about CVE-2009-4034 are not publicly available in the provided documents. Monitor for updates.

5.8CVSS6.2AI score0.0213EPSS
Exploits2References19Affected Software1
PostrgeSql
PostrgeSql
added 2009/12/15 6:0 p.m.153 views

Vulnerability in core server (CVE-2009-4034)

NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority CA has been tricked into issuing invalid certificates...

5.8CVSS5.7AI score0.0213EPSS
Exploits2Affected Software1
Rows per page
Query Builder