129 matches found
EUVD-2020-12616
Malware in sbrugna...
EUVD-2017-11857
Malware in sbrugna...
EUVD-2020-12637
Malware in sbrugna...
EUVD-2020-12679
Malware in sbrugna...
CVE-2020-1790
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands...
CVE-2020-1853
GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information leakage...
CVE-2020-1811
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands...
GaussDB Kernel: Authentication Parameters
Set login parameters for scanning GaussDB Kernel database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
GaussDB Kernel: Configuring Rsyslog for Unified Audit Logs
By default, unified audit logs are output to the Rsyslog on each CN. User root is authorized to configure and view the logs. Ensure that enablesecuritypolicy is Enabled. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright...
GaussDB Kernel: Configuring the Level of Error-Deriving SQL Statements to Be Logged
The logminerrorstatement parameter specifies which level of SQL statements that cause an error will be recorded into server logs. SQL statements whose levels are higher than or equal to the configured level will be recorded into server logs. The valid values include DEBUG5, DEBUG4, DEBUG3, DEBUG2...
GaussDB Kernel: Configuring the Validity Period of User Roles
During role creation, the keyword VALID BEGIN is used to set the role validity start time and VALID UNTIL to set the end time. If these two keywords are not set, roles are permanently valid. The role expiration time on each node in the GaussDB Kernel cluster depends on the OS clock on each node...
GaussDB Kernel: Enabling the Auditing of Database Locking and Unlocking
The parameter audituserlocked specifies whether to audit the locking and unlocking of database users. After this parameter is set to on, the locking status of database accounts is traced. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources,...
GaussDB Kernel: Disabling the Logging of the Host Name
By default, the connection log message displays only the IP address of the connected host. If loghostname is set to on, the host name is also recorded. It may take some time to parse the host name and affect database performance. Copyright C 2020 Greenbone Networks GmbH Some text descriptions mig...
GaussDB Kernel: Prohibiting New Connections to Database Templates
To prevent improper modification of the database template, you need to set the datallowconn field in the system catalog pgdatabase to false, prohibiting new connections to the database. If the database template template1 is set to deny user connections, database upgrade will be affected. If...
GaussDB Kernel: Disabling System Catalog Structure Modification
allowsystemtablemods allows for system catalog structure modification. This parameter collaborates with GaussDB Kernel to help recover a severely damaged database in some cases. You are advised not to use this parameter in production Databases. Copyright C 2020 Greenbone Networks GmbH Some text...
GaussDB Kernel: Configure an Audit Priority Policy
Configures the policy for determining whether audit logs are preferentially stored by space or time. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
GaussDB Kernel: Setting user for host Entries in the pg_hba.conf File
If user is set to all for host entries, any users are allowed to access the database. You are advised to set user for host entries to the user who needs to connect to the database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and ar...
GaussDB Kernel: Configuring the SSL Encryption Algorithm
sslciphers specifies the SSL encryption algorithms used for secure connections. GaussDB Kernel supports the following algorithms: - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-CCM - DHE-RSA-AES256-CCM You are advised to set sslciphers to ALL. Then, GaussDB Kernel uses...
GaussDB Kernel: Checking the CREATEDB Permission
Only the role with the CREATEDB permission can create databases. Such a role can also create and define database users. To avoid arbitrary database creation, delete roles that do not require the CREATEDB permission. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpte...
GaussDB Kernel: Checking the CREATEROLE Permission
Only the role with the CREATEROLE permission can create, modify, or delete other roles. Such a role can also grant permissions to or revoke permissions of other roles. To avoid arbitrary permission granting, delete roles that do not require the CREATEROLE permission. Copyright C 2020 Greenbone...