RHEL 8 : postgresql:13 (RHSA-2023:4527)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4527 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective...

Ubuntu 16.04 ESM : PostgreSQL vulnerability (USN-6230-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6230-1 advisory. Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrar...

Privilege Escalation

postgresql is vulnerable to privilege escalation. The vulnerability exists as an authenticated attacker could use dblink to possibly escalate privileges on systems with "trust" or "ident" authentication configured. Please note that dblink functionality is not enabled by default, and can only by...

Debian DLA-1642-1 : postgresql-9.4 new minor release

The PostgreSQL project has release a new minor release of the 9.4 branch. For Debian 8 'Jessie', this has been uploaded as version 9.4.20-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. NOTE: Tenable Network Security has extracted the preceding description block directly fro...

SLES9: Security update for postgresql

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postgresql-devel postgresql-docs postgresql-pl postgresql-libs postgresql-server postgresql postgresql-contrib For more information, please visit the...

SLES9: Security update for PostgreSQL

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postgresql-libs postgresql-pl postgresql-devel postgresql-docs postgresql postgresql-server postgresql-contrib For more information, please visit the...

FreeBSD Ports: postgresql-contrib

The remote host is missing an update to the system as announced in the referenced advisory. VID 6a164d84-2f7f-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: postgresql-contrib

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CentOS 3 : postgresql (CESA-2008:0039)

Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS. The...

Ubuntu 4.10 : postgresql contributed script vulnerability (USN-6-1)

Recently, Trustix Secure Linux discovered a vulnerability in the postgresql-contrib package. The script 'makeoidjoinscheck' created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the script. Note...

FreeBSD : postgresql-contrib -- insecure temporary file creation (153)

The following package needs to be updated: postgresql-contrib %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg6a164d842f7f11d9a9e70001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML :...