6 matches found
CVE-2019-3466
The pgctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation...
CVE-2019-3466
creationtimestamp| type| source ---|---|--- 2024-02-26 07:07:11+00:00| seen| https://t.me/ctinow/193124...
Vulnerability in packaging (CVE-2019-3466)
pgctlcluster script in postgresql-common does not drop privileges when creating socket/statistics temporary directories A PostgreSQL superuser could escalate to root using a deficiency in the pgctlcluster command. pgctlcluster is a utility provided by the "postgresql-common" package that is...
CVE-2019-3466
CVE-2019-3466 concerns the pg_ctlcluster script in the PostgreSQL-related package postgresql-common. In versions prior to 210, the script did not drop privileges when creating socket/statistics temporary directories, enabling a local privilege escalation. Public disclosures reference Ubuntu/Debia...
Debian DSA-4568-1 : postgresql-common - security update
Rich Mirch discovered that the pgctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Ubuntu: Security Advisory (USN-4194-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...