8 matches found
K000148351: PostgreSQL vulnerabilities CVE-2017-15098, CVE-2017-14798, CVE-2016-7048, CVE-2016-5424, and CVE-2016-5423
Security Advisory Description CVE-2017-15098 Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...
PostgreSQL 9.4-0.5.3 Privilege Escalation
Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation Date: 2017-10-11 Exploit Author: Johannes Segitz Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722 Software Link: - Version: Before postgresql-init-9.4-0.5.3.1 Tested on: SUSE Linux Enterprise 11 SP4 CVE : CVE-2017-14798...
PostgreSQL 9.4-0.5.3 - Privilege Escalation
PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation Date: 2017-10-11 Exploit Author: Johannes Segitz Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722 Software Link: - Version: Before postgresql-init-9.4-0.5.3.1 Tested on: SUSE...
PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit
Exploit for linux platform in category local exploits Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit Author: Johannes Segitz Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722 Software Link: - Version: Before postgresql-init-9.4-0.5.3.1 Tested on: SUSE Linux...
CVE-2017-14798
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root...
CVE-2017-14798
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root...
CVE-2017-14798
CVE-2017-14798 describes a race condition in the PostgreSQL init script that could allow an attacker who can access the postgres account to escalate privileges to root. Public material (including exploit code and security advisories) confirms the vulnerability path via the init script and local a...
SUSE-SU-2017:3107-1 Security update for postgresql-init
This update for postgresql-init fixes the following issues: - CVE-2017-14798: A race condition in the init script could be used by attackers able to access the postgresql account to escalate their privileges to root bsc1062722...