11 matches found
Debian: Security Advisory (DLA-774-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2016-1255
The pgctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...
Ubuntu: Security Advisory (USN-3476-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-1255
The pgctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...
CVE-2016-1255
The CVE-2016-1255 issue affects the pg_ctlcluster script in the postgresql-common package across multiple Debian/Ubuntu releases (e.g., Debian wheezy/jessie, Ubuntu 12.04/14.04/16.04/17.x, etc.). The root cause is a symlink attack on a logfile located in /var/log/postgresql, which local users can...
Ubuntu 14.04 LTS / 16.04 LTS : postgresql-common vulnerabilities (USN-3476-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3476-1 advisory. Dawid Golunski discovered that the postgresql-common pgctlcluster script incorrectly handled symlinks. A local attacker could possibly use th...
Ubuntu: Security Advisory (USN-3476-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3476-1: postgresql-common vulnerabilities
Dawid Golunski discovered that the postgresql-common pgctlcluster script incorrectly handled symlinks. A local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-1255 It was discovered that the postgresql-common...
Debian DLA-774-1 : postgresql-common security update
A security vulnerability and a data loss bug have been found in postgresql-common, Debian's PostgreSQL database cluster management tools. CVE-2016-1255 Dawid Golunski discovered that a symlink in /var/log/postgresql/ could be used by the 'postgres' system user to write to arbitrary files on the...
[SECURITY] [DLA-774-1] postgresql-common security update
Package : postgresql-common Version : 134wheezy5 A security vulnerability and a data loss bug have been found in postgresql-common, Debians PostgreSQL database cluster management tools. CVE-2016-1255 Dawid Golunski discovered that a symlink in /var/log/postgresql/ could be used by the "postgres"...
CVE-2016-1255
The pgctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...