31 matches found
postgresql: pg_user_mappings view discloses foreign server passwords
It was found that the pgusermappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password use...
postgresql: pg_user_mappings view discloses foreign server passwords
It was found that the pgusermappings view could disclose information about user mappings to a foreign database to non-administrative database users. A database user with USAGE privilege for this mapping could, when querying the view, obtain user mapping data, such as the username and password use...
Medium: postgresql93, postgresql94, postgresql95
Issue Overview: Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some...
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
UBUNTU-CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
ALPINE-CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...
CVE-2017-7486
Removed by vendor...
CVE-2017-7486
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...