MiracleLinux 7 : postgresql-9.2.21-1.el7 (AXSA:2017-1914:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1914:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll ne...

EUVD-2017-16506

Malware in sbrugna...

Mageia: Security Advisory (MGASA-2017-0316)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information Disclosure

PostgreSQL is vulnerable to information disclosure vulnerability. The pgusermappings access qualifications are not properly implemented. A remote authenticated user may be able to view foreign server passwords which leads to data modification...

EulerOS 2.0 SP1 : postgresql (EulerOS-SA-2017-1231)

According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an emp...

Medium: postgresql96

Issue Overview: The pgusermappings view discloses passwords to users lacking server privileges: An authorization flaw was found in the way PostgreSQL handled access to the pgusermappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords...

EulerOS 2.0 SP2 : posrgresql (EulerOS-SA-2017-1216)

According to the versions of the posrgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibl...

Scientific Linux Security Update : postgresql on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: postgresql 9.2.21. Security Fixes : - It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. A non-administrative...

PostgreSQL Multiple Vulnerabilities (Aug 2017) - Linux

PostgreSQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:postgresql:postgresql";...

Vulnerability in core server (CVE-2017-7547)

pgusermappings view discloses passwords to users lacking server privileges...

Amazon Linux AMI : postgresql92 (ALAS-2017-838)

Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tabl...

PostgreSQL Information Disclosure Vulnerability (CNVD-2017-06932)

PostgreSQL is a free object-relational database management system developed by the PostgreSQL development group. The system supports most of the SQL standards and provides many other features, such as foreign keys, triggers, views, and so on. An information disclosure vulnerability exists in the...

PostgreSQL Multiple Information Disclosure Vulnerabilities (May 2017) - Linux

PostgreSQL is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PostgreSQL Multiple Information Disclosure Vulnerabilities (May 2017) - Windows

PostgreSQL is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

UBUNTU-CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

CVE-2017-7486

PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pgusermappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server...

KLA11014 Mupltiple vulnerabilities in PostgreSQL

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities: 1. An incorrect check of user privileges in some selectivity estimation...