CVE-2017-8806

The Debian pgctlcluster, pgcreatecluster, and pgupgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL and other packages related to Debian and Ubuntu, handled symbolic links insecurely, which could result in local denial of service by...

Design/Logic Flaw

The Debian pgctlcluster, pgcreatecluster, and pgupgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL and other packages related to Debian and Ubuntu, handled symbolic links insecurely, which could result in local denial of service by...

CVE-2017-8806

The CVE-2017-8806 issue affects Debian/Ubuntu: the pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts in the postgresql-common package mishandled symbolic links, enabling a local attacker to cause a denial of service by overwriting arbitrary files. Affected versions are Debian/Ubuntu ...

CVE-2017-8806

The Debian pgctlcluster, pgcreatecluster, and pgupgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL and other packages related to Debian and Ubuntu, handled symbolic links insecurely, which could result in local denial of service by...

Debian DSA-4029-1 : postgresql-common - security update

It was discovered that the pgctlcluster, pgcreatecluster and pgupgradecluster commands handled symbolic links insecurely which could result in local denial of service by overwriting arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

CVE-2017-8806

The Debian pgctlcluster, pgcreatecluster, and pgupgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL and other packages related to Debian and Ubuntu, handled symbolic links insecurely, which could result in local denial of service by...

Debian DLA-774-1 : postgresql-common security update

A security vulnerability and a data loss bug have been found in postgresql-common, Debian's PostgreSQL database cluster management tools. CVE-2016-1255 Dawid Golunski discovered that a symlink in /var/log/postgresql/ could be used by the 'postgres' system user to write to arbitrary files on the...

[SECURITY] [DLA-774-1] postgresql-common security update

Package : postgresql-common Version : 134wheezy5 A security vulnerability and a data loss bug have been found in postgresql-common, Debians PostgreSQL database cluster management tools. CVE-2016-1255 Dawid Golunski discovered that a symlink in /var/log/postgresql/ could be used by the "postgres"...