{"cve": [{"lastseen": "2018-01-05T11:51:39", "bulletinFamily": "NVD", "description": "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.", "modified": "2018-01-04T21:30:05", "published": "2015-05-28T10:59:06", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3165", "id": "CVE-2015-3165", "title": "CVE-2015-3165", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "postgresql": [{"lastseen": "2018-02-15T15:10:40", "bulletinFamily": "software", "description": "Double \"free\" after authentication timeout", "modified": "2015-05-28T10:59:06", "published": "2015-05-28T10:59:06", "href": "https://www.postgresql.org/support/security/", "id": "POSTGRESQL:CVE-2015-3165", "type": "postgresql", "title": "Vulnerability in core server (CVE-2015-3165)", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-15T15:10:40", "bulletinFamily": "software", "description": "Unanticipated errors from the standard library.", "modified": "1970-01-01T00:00:00", "published": "1970-01-01T00:00:00", "href": "https://www.postgresql.org/support/security/", "id": "POSTGRESQL:CVE-2015-3166", "type": "postgresql", "title": "Vulnerability in core server (CVE-2015-3166)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-02-15T15:10:40", "bulletinFamily": "software", "description": "pgcrypto has multiple error messages for decryption with an incorrect key.", "modified": "1970-01-01T00:00:00", "published": "1970-01-01T00:00:00", "href": "https://www.postgresql.org/support/security/", "id": "POSTGRESQL:CVE-2015-3167", "type": "postgresql", "title": "Vulnerability in contrib module (CVE-2015-3167)", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2017-07-24T12:53:44", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.", "modified": "2017-07-07T00:00:00", "published": "2015-05-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703269", "id": "OPENVAS:703269", "title": "Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3269.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3269-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703269);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_name(\"Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-22 00:00:00 +0200 (Fri, 22 May 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3269.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"postgresql-9.1 on Debian Linux\");\n script_tag(name: \"insight\", value: \"PostgreSQL is a fully featured object-relational database management\nsystem. It supports a large part of the SQL standard and is designed\nto be extensible by users in many aspects. Some of the features are:\nACID transactions, foreign keys, views, sequences, subqueries,\ntriggers, user-defined types and functions, outer joins, multiversion\nconcurrency control. Graphical user interfaces and bindings for many\nprogramming languages are available as well.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), these problems have been fixed\nin version 9.1.16-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.1.16-0+deb8u1. (Jessie contains a reduced postgresql-9.1\npackage; only CVE-2015-3166 \nis fixed in the produced binary package\npostgresql-plperl-9.1. We recommend to upgrade to postgresql-9.4 to get\nthe full set of fixes. See the Jessie release notes for details.)\n\nThe testing distribution (stretch) and the unstable distribution (sid)\ndo not contain the postgresql-9.1 package.\n\nWe recommend that you upgrade your postgresql-9.1 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.1-dbg\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-doc-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plperl-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython3-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-pltcl-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-server-dev-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:01:34", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310842223", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842223", "title": "Ubuntu Update for postgresql-9.4 USN-2621-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for postgresql-9.4 USN-2621-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842223\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:08:34 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for postgresql-9.4 USN-2621-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql-9.4'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Benkocs Norbert Attila discovered that\nPostgreSQL incorrectly handled authentication timeouts. A remote attacker could\nuse this flaw to cause the unauthenticated session to crash, possibly leading\nto a security issue. (CVE-2015-3165)\n\nNoah Misch discovered that PostgreSQL incorrectly handled certain standard\nlibrary function return values, possibly leading to security issues.\n(CVE-2015-3166)\n\nNoah Misch discovered that the pgcrypto function could return different\nerror messages when decrypting using an incorrect key, possibly leading to\na security issue. (CVE-2015-3167)\");\n script_tag(name:\"affected\", value:\"postgresql-9.4 on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2621-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2621-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-9.4\", ver:\"9.4.2-0ubuntu0.14.10\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-9.3\", ver:\"9.3.7-0ubuntu0.14.04\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-9.1\", ver:\"9.1.16-0ubuntu0.12.04\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:53:20", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.", "modified": "2017-07-07T00:00:00", "published": "2015-05-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703270", "id": "OPENVAS:703270", "title": "Debian Security Advisory DSA 3270-1 (postgresql-9.4 - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3270.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3270-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703270);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_name(\"Debian Security Advisory DSA 3270-1 (postgresql-9.4 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-22 00:00:00 +0200 (Fri, 22 May 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3270.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"postgresql-9.4 on Debian Linux\");\n script_tag(name: \"insight\", value: \"PostgreSQL is a fully featured object-relational database management\nsystem. It supports a large part of the SQL standard and is designed\nto be extensible by users in many aspects. Some of the features are:\nACID transactions, foreign keys, views, sequences, subqueries,\ntriggers, user-defined types and functions, outer joins, multiversion\nconcurrency control. Graphical user interfaces and bindings for many\nprogramming languages are available as well.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 9.4.2-0+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nsoon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 9.4.2-1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.4-dbg\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-doc-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plperl-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython3-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-pltcl-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-server-dev-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:41", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.", "modified": "2018-04-06T00:00:00", "published": "2015-05-22T00:00:00", "id": "OPENVAS:1361412562310703270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703270", "title": "Debian Security Advisory DSA 3270-1 (postgresql-9.4 - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3270.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3270-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703270\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_name(\"Debian Security Advisory DSA 3270-1 (postgresql-9.4 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-22 00:00:00 +0200 (Fri, 22 May 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3270.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"postgresql-9.4 on Debian Linux\");\n script_tag(name: \"insight\", value: \"PostgreSQL is a fully featured object-relational database management\nsystem. It supports a large part of the SQL standard and is designed\nto be extensible by users in many aspects. Some of the features are:\nACID transactions, foreign keys, views, sequences, subqueries,\ntriggers, user-defined types and functions, outer joins, multiversion\nconcurrency control. Graphical user interfaces and bindings for many\nprogramming languages are available as well.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 9.4.2-0+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nsoon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 9.4.2-1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.4-dbg\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-doc-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plperl-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython3-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-pltcl-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-server-dev-9.4\", ver:\"9.4.2-0+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-23T15:12:58", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-06-30T00:00:00", "id": "OPENVAS:1361412562310871383", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871383", "title": "RedHat Update for postgresql RHSA-2015:1194-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql RHSA-2015:1194-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871383\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-30 06:27:04 +0200 (Tue, 30 Jun 2015)\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for postgresql RHSA-2015:1194-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted after\ninstalling this update.\");\n script_tag(name:\"affected\", value:\"postgresql on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1194-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00039.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.13~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.20~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-02T14:30:38", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120039", "title": "Amazon Linux Local Check: ALAS-2015-556", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2015-556.nasl 6575 2017-07-06 13:42:08Z cfischer$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120039\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:15:54 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2015-556\");\n script_tag(name:\"insight\", value:\"A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. (CVE-2015-3165 )It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. (CVE-2015-3166 )It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known. (CVE-2015-3167 )\");\n script_tag(name:\"solution\", value:\"Run yum update postgresql8 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-556.html\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3167\", \"CVE-2015-3166\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"postgresql8-test\", rpm:\"postgresql8-test~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-libs\", rpm:\"postgresql8-libs~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-plpython\", rpm:\"postgresql8-plpython~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-contrib\", rpm:\"postgresql8-contrib~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-server\", rpm:\"postgresql8-server~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-pltcl\", rpm:\"postgresql8-pltcl~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-docs\", rpm:\"postgresql8-docs~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-debuginfo\", rpm:\"postgresql8-debuginfo~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-devel\", rpm:\"postgresql8-devel~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8\", rpm:\"postgresql8~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"postgresql8-plperl\", rpm:\"postgresql8-plperl~8.4.20~3.50.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:30", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.", "modified": "2018-04-06T00:00:00", "published": "2015-05-22T00:00:00", "id": "OPENVAS:1361412562310703269", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703269", "title": "Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3269.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3269-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703269\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_name(\"Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-22 00:00:00 +0200 (Fri, 22 May 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3269.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"postgresql-9.1 on Debian Linux\");\n script_tag(name: \"insight\", value: \"PostgreSQL is a fully featured object-relational database management\nsystem. It supports a large part of the SQL standard and is designed\nto be extensible by users in many aspects. Some of the features are:\nACID transactions, foreign keys, views, sequences, subqueries,\ntriggers, user-defined types and functions, outer joins, multiversion\nconcurrency control. Graphical user interfaces and bindings for many\nprogramming languages are available as well.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), these problems have been fixed\nin version 9.1.16-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.1.16-0+deb8u1. (Jessie contains a reduced postgresql-9.1\npackage; only CVE-2015-3166 \nis fixed in the produced binary package\npostgresql-plperl-9.1. We recommend to upgrade to postgresql-9.4 to get\nthe full set of fixes. See the Jessie release notes for details.)\n\nThe testing distribution (stretch) and the unstable distribution (sid)\ndo not contain the postgresql-9.1 package.\n\nWe recommend that you upgrade your postgresql-9.1 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 \n\n(Remote crash)\n\nSSL clients disconnecting just before the authentication timeout\nexpires can cause the server to crash.\n\nCVE-2015-3166 \n\n(Information exposure)\n\nThe replacement implementation of snprintf() failed to check for\nerrors reported by the underlying system library calls; the main\ncase that might be missed is out-of-memory situations. In the worst\ncase this might lead to information exposure.\n\nCVE-2015-3167 \n\n(Possible side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a\none-size-fits-all message.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libecpg-compat3\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg-dev\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libecpg6\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpgtypes3\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq-dev\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpq5\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-9.1-dbg\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-client-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-contrib-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-doc-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plperl-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-plpython3-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-pltcl-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"postgresql-server-dev-9.1\", ver:\"9.1.16-0+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:47", "bulletinFamily": "scanner", "description": "Check the version of postgresql", "modified": "2017-07-10T00:00:00", "published": "2015-07-03T00:00:00", "id": "OPENVAS:1361412562310882214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882214", "title": "CentOS Update for postgresql CESA-2015:1194 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2015:1194 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882214\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-03 11:19:11 +0530 (Fri, 03 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for postgresql CESA-2015:1194 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of postgresql\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PostgreSQL is an advanced object-relational\n database management system (DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted after\ninstalling this update.\n\");\n script_tag(name: \"affected\", value: \"postgresql on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:1194\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-June/021227.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.20~3.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:55", "bulletinFamily": "scanner", "description": "Check the version of postgresql", "modified": "2017-07-10T00:00:00", "published": "2015-07-03T00:00:00", "id": "OPENVAS:1361412562310882213", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882213", "title": "CentOS Update for postgresql CESA-2015:1194 centos7 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2015:1194 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882213\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-03 11:19:11 +0530 (Fri, 03 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for postgresql CESA-2015:1194 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of postgresql\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of\n detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"PostgreSQL is an advanced object-relational\n database management system (DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted after\ninstalling this update.\n\");\n script_tag(name: \"affected\", value: \"postgresql on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:1194\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-June/021229.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-upgrade\", rpm:\"postgresql-upgrade~9.2.13~1.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:24:29", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2015-1194", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123087", "title": "Oracle Linux Local Check: ELSA-2015-1194", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1194.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123087\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:12 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1194\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1194 - postgresql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1194\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1194.html\");\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-upgrade\", rpm:\"postgresql-upgrade~9.2.13~1.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.20~3.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:15:00", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3270-1 security@debian.org\nhttp://www.debian.org/security/ Christoph Berg\nMay 22, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : postgresql-9.4\nCVE ID : CVE-2015-3165 CVE-2015-3166 CVE-2015-3167\n\nSeveral vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\nCVE-2015-3165 (Remote crash)\n\n SSL clients disconnecting just before the authentication timeout\n expires can cause the server to crash.\n\nCVE-2015-3166 (Information exposure)\n\n The replacement implementation of snprintf() failed to check for\n errors reported by the underlying system library calls; the main\n case that might be missed is out-of-memory situations. In the worst\n case this might lead to information exposure.\n\nCVE-2015-3167 (Possible side-channel key exposure)\n\n In contrib/pgcrypto, some cases of decryption with an incorrect key\n could report other error message texts. Fix by using a\n one-size-fits-all message.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.4.2-0+deb8u1.\n\nFor the testing distribution (stretch), these problems will be fixed\nsoon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 9.4.2-1.\n\nWe recommend that you upgrade your postgresql-9.4 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-05-22T15:36:10", "published": "2015-05-22T15:36:10", "id": "DEBIAN:DSA-3270-1:92658", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00161.html", "title": "[SECURITY] [DSA 3270-1] postgresql-9.4 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:49:57", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3269-1 security@debian.org\nhttp://www.debian.org/security/ Christoph Berg\nMay 22, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : postgresql-9.1\nCVE ID : CVE-2015-3165 CVE-2015-3166 CVE-2015-3167\n\nSeveral vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 (Remote crash)\n\n SSL clients disconnecting just before the authentication timeout\n expires can cause the server to crash.\n\nCVE-2015-3166 (Information exposure)\n\n The replacement implementation of snprintf() failed to check for\n errors reported by the underlying system library calls; the main\n case that might be missed is out-of-memory situations. In the worst\n case this might lead to information exposure.\n\nCVE-2015-3167 (Possible side-channel key exposure)\n\n In contrib/pgcrypto, some cases of decryption with an incorrect key\n could report other error message texts. Fix by using a\n one-size-fits-all message.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 9.1.16-0+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 9.1.16-0+deb8u1. (Jessie contains a reduced postgresql-9.1\npackage; only CVE-2015-3166 is fixed in the produced binary package\npostgresql-plperl-9.1. We recommend to upgrade to postgresql-9.4 to get\nthe full set of fixes. See the Jessie release notes for details.)\n\nThe testing distribution (stretch) and the unstable distribution (sid)\ndo not contain the postgresql-9.1 package.\n\nWe recommend that you upgrade your postgresql-9.1 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-05-22T15:27:10", "published": "2015-05-22T15:27:10", "id": "DEBIAN:DSA-3269-1:ABD9B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00160.html", "title": "[SECURITY] [DSA 3269-1] postgresql-9.1 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:49:58", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3269-2 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nMay 31, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : postgresql-9.1\nDebian Bug : 786874\n\nThe update for postgresql-9.1 in DSA-3269-1 introduced a regression\nwhich can causes PostgreSQL to refuse to restart after an unexpected\nshutdown or when restoring from a binary backup. Updated packages are\nnow available to address this regression. Please refer to the upstream\nBug FAQ for additional information:\n\n https://wiki.postgresql.org/wiki/May_2015_Fsync_Permissions_Bug\n\nFor reference, the original advisory text follows.\n\nSeveral vulnerabilities have been found in PostgreSQL-9.1, a SQL\ndatabase system.\n\nCVE-2015-3165 (Remote crash)\n\n SSL clients disconnecting just before the authentication timeout\n expires can cause the server to crash.\n\nCVE-2015-3166 (Information exposure)\n\n The replacement implementation of snprintf() failed to check for\n errors reported by the underlying system library calls; the main\n case that might be missed is out-of-memory situations. In the worst\n case this might lead to information exposure\n\nCVE-2015-3167 (Possible side-channel key exposure)\n\n In contrib/pgcrypto, some cases of decryption with an incorrect key\n could report other error message texts. Fix by using a\n one-size-fits-all message.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 9.1.16-0+deb7u2.\n\nWe recommend that you upgrade your postgresql-9.1 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-05-31T04:56:14", "published": "2015-05-31T04:56:14", "id": "DEBIAN:DSA-3269-2:FDE68", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00169.html", "title": "[SECURITY] [DSA 3269-2] postgresql-9.1 regression update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:42", "bulletinFamily": "unix", "description": "Package : postgresql-8.4\nVersion : 8.4.22lts2-0+deb6u2\nCVE ID : CVE-2015-3165 CVE-2015-3166 CVE-2015-3167\n\nSeveral vulnerabilities were discovered in PostgreSQL, a relational\ndatabase server system. The 8.4 branch is EOLed upstream, but still\npresent in Debian squeeze. This new LTS minor version contains the\nfixes that were applied upstream to the 9.0.20 version, backported to\n8.4.22 which was the last version officially released by the PostgreSQL\ndevelopers. This LTS effort for squeeze-lts is a community project\nsponsored by credativ GmbH.\n\nCVE-2015-3165: Remote crash\nSSL clients disconnecting just before the authentication timeout expires\ncan cause the server to crash.\n\nCVE-2015-3166: Information exposure\nThe replacement implementation of snprintf() failed to check for errors\nreported by the underlying system library calls; the main case that\nmight be missed is out-of-memory situations. In the worst case this\nmight lead to information exposure.\n\nCVE-2015-3167: Possible side-channel key exposure\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a one-size-fits-all\nmessage.\n\nNote that the next round of minor releases for PostgreSQL have already\nbeen scheduled for early June 2015. There will be a corresponding\n8.4.22lts3 update at the same time.\n", "modified": "2015-05-29T10:36:27", "published": "2015-05-29T10:36:27", "id": "DEBIAN:DLA-227-1:010C2", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201505/msg00018.html", "title": "[SECURITY] [DLA-227-1] postgresql-8.4 update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:45", "bulletinFamily": "unix", "description": "- CVE-2015-3165 (denial of service)\n\nSSL clients disconnecting just before the authentication timeout expires\ncan cause the server to crash via a double-free issue leading to denial\nof service.\n\n- CVE-2015-3166 (information disclosure)\n\nThe replacement implementation of snprintf() failed to check for errors\nreported by the underlying system library calls; the main case that\nmight be missed is out-of-memory situations. In the worst case this\nmight lead to information disclosure.\n\n- CVE-2015-3167 (side-channel key exposure)\n\nIn contrib/pgcrypto, some cases of decryption with an incorrect key\ncould report other error message texts. Fix by using a one-size-fits-all\nmessage.", "modified": "2015-05-26T00:00:00", "published": "2015-05-26T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html", "id": "ASA-201505-17", "title": "postgresql: multiple issues", "type": "archlinux", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T21:41:34", "bulletinFamily": "unix", "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\nrh-postgresql94-postgresql service is running, it will be automatically\nrestarted after installing this update.\n", "modified": "2018-06-13T01:28:20", "published": "2015-06-29T04:00:00", "id": "RHSA-2015:1196", "href": "https://access.redhat.com/errata/RHSA-2015:1196", "type": "redhat", "title": "(RHSA-2015:1196) Moderate: rh-postgresql94-postgresql security update", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:43:10", "bulletinFamily": "unix", "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted after\ninstalling this update.\n", "modified": "2018-06-06T20:24:34", "published": "2015-06-29T04:00:00", "id": "RHSA-2015:1194", "href": "https://access.redhat.com/errata/RHSA-2015:1194", "type": "redhat", "title": "(RHSA-2015:1194) Moderate: postgresql security update", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T21:43:22", "bulletinFamily": "unix", "description": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165) \n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql92-postgresql service is running, it will be automatically\nrestarted after installing this update.\n", "modified": "2018-06-13T01:28:18", "published": "2015-06-29T04:00:00", "id": "RHSA-2015:1195", "href": "https://access.redhat.com/errata/RHSA-2015:1195", "type": "redhat", "title": "(RHSA-2015:1195) Moderate: postgresql92-postgresql security update", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:47:41", "bulletinFamily": "unix", "description": "[9.2.13-1]\n- update to 9.2.13 per release notes\n http://www.postgresql.org/docs/9.2/static/release-9-2-13.html\n[9.2.12-1]\n- update to 9.2.12 per release notes\n http://www.postgresql.org/docs/9.2/static/release-9-2-12.html\n[9.2.11-1]\n- update to 9.2.11 per release notes\n http://www.postgresql.org/docs/9.2/static/release-9-2-11.html", "modified": "2015-06-29T00:00:00", "published": "2015-06-29T00:00:00", "id": "ELSA-2015-1194", "href": "http://linux.oracle.com/errata/ELSA-2015-1194.html", "title": "postgresql security update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:24", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. ([CVE-2015-3165 __](<https://access.redhat.com/security/cve/CVE-2015-3165>))\n\nIt was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. ([CVE-2015-3166 __](<https://access.redhat.com/security/cve/CVE-2015-3166>))\n\nIt was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known. ([CVE-2015-3167 __](<https://access.redhat.com/security/cve/CVE-2015-3167>))\n\n \n**Affected Packages:** \n\n\npostgresql8\n\n \n**Issue Correction:** \nRun _yum update postgresql8_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n postgresql8-test-8.4.20-3.50.amzn1.i686 \n postgresql8-libs-8.4.20-3.50.amzn1.i686 \n postgresql8-plpython-8.4.20-3.50.amzn1.i686 \n postgresql8-contrib-8.4.20-3.50.amzn1.i686 \n postgresql8-server-8.4.20-3.50.amzn1.i686 \n postgresql8-pltcl-8.4.20-3.50.amzn1.i686 \n postgresql8-docs-8.4.20-3.50.amzn1.i686 \n postgresql8-debuginfo-8.4.20-3.50.amzn1.i686 \n postgresql8-devel-8.4.20-3.50.amzn1.i686 \n postgresql8-8.4.20-3.50.amzn1.i686 \n postgresql8-plperl-8.4.20-3.50.amzn1.i686 \n \n src: \n postgresql8-8.4.20-3.50.amzn1.src \n \n x86_64: \n postgresql8-server-8.4.20-3.50.amzn1.x86_64 \n postgresql8-pltcl-8.4.20-3.50.amzn1.x86_64 \n postgresql8-devel-8.4.20-3.50.amzn1.x86_64 \n postgresql8-plperl-8.4.20-3.50.amzn1.x86_64 \n postgresql8-plpython-8.4.20-3.50.amzn1.x86_64 \n postgresql8-8.4.20-3.50.amzn1.x86_64 \n postgresql8-libs-8.4.20-3.50.amzn1.x86_64 \n postgresql8-contrib-8.4.20-3.50.amzn1.x86_64 \n postgresql8-docs-8.4.20-3.50.amzn1.x86_64 \n postgresql8-debuginfo-8.4.20-3.50.amzn1.x86_64 \n postgresql8-test-8.4.20-3.50.amzn1.x86_64 \n \n \n", "modified": "2015-07-07T22:25:00", "published": "2015-07-07T22:25:00", "id": "ALAS-2015-556", "href": "https://alas.aws.amazon.com/ALAS-2015-556.html", "title": "Medium: postgresql8", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-02T16:55:09", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nDouble free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.\n\n \n**Affected Packages:** \n\n\npostgresql93\n\n \n**Issue Correction:** \nRun _yum update postgresql93_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n postgresql93-plpython26-9.3.9-1.58.amzn1.i686 \n postgresql93-debuginfo-9.3.9-1.58.amzn1.i686 \n postgresql93-devel-9.3.9-1.58.amzn1.i686 \n postgresql93-9.3.9-1.58.amzn1.i686 \n postgresql93-plperl-9.3.9-1.58.amzn1.i686 \n postgresql93-libs-9.3.9-1.58.amzn1.i686 \n postgresql93-docs-9.3.9-1.58.amzn1.i686 \n postgresql93-pltcl-9.3.9-1.58.amzn1.i686 \n postgresql93-test-9.3.9-1.58.amzn1.i686 \n postgresql93-plpython27-9.3.9-1.58.amzn1.i686 \n postgresql93-contrib-9.3.9-1.58.amzn1.i686 \n postgresql93-server-9.3.9-1.58.amzn1.i686 \n \n src: \n postgresql93-9.3.9-1.58.amzn1.src \n \n x86_64: \n postgresql93-docs-9.3.9-1.58.amzn1.x86_64 \n postgresql93-debuginfo-9.3.9-1.58.amzn1.x86_64 \n postgresql93-pltcl-9.3.9-1.58.amzn1.x86_64 \n postgresql93-devel-9.3.9-1.58.amzn1.x86_64 \n postgresql93-server-9.3.9-1.58.amzn1.x86_64 \n postgresql93-plpython27-9.3.9-1.58.amzn1.x86_64 \n postgresql93-test-9.3.9-1.58.amzn1.x86_64 \n postgresql93-libs-9.3.9-1.58.amzn1.x86_64 \n postgresql93-plpython26-9.3.9-1.58.amzn1.x86_64 \n postgresql93-9.3.9-1.58.amzn1.x86_64 \n postgresql93-contrib-9.3.9-1.58.amzn1.x86_64 \n postgresql93-plperl-9.3.9-1.58.amzn1.x86_64 \n \n \n", "modified": "2015-06-16T11:42:00", "published": "2015-06-16T11:42:00", "id": "ALAS-2015-546", "href": "https://alas.aws.amazon.com/ALAS-2015-546.html", "title": "Medium: postgresql93", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-02T16:55:20", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nDouble free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.\n\n \n**Affected Packages:** \n\n\npostgresql92\n\n \n**Issue Correction:** \nRun _yum update postgresql92_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n postgresql92-plpython26-9.2.13-1.54.amzn1.i686 \n postgresql92-docs-9.2.13-1.54.amzn1.i686 \n postgresql92-contrib-9.2.13-1.54.amzn1.i686 \n postgresql92-debuginfo-9.2.13-1.54.amzn1.i686 \n postgresql92-plpython27-9.2.13-1.54.amzn1.i686 \n postgresql92-server-compat-9.2.13-1.54.amzn1.i686 \n postgresql92-libs-9.2.13-1.54.amzn1.i686 \n postgresql92-server-9.2.13-1.54.amzn1.i686 \n postgresql92-pltcl-9.2.13-1.54.amzn1.i686 \n postgresql92-test-9.2.13-1.54.amzn1.i686 \n postgresql92-plperl-9.2.13-1.54.amzn1.i686 \n postgresql92-9.2.13-1.54.amzn1.i686 \n postgresql92-devel-9.2.13-1.54.amzn1.i686 \n \n src: \n postgresql92-9.2.13-1.54.amzn1.src \n \n x86_64: \n postgresql92-contrib-9.2.13-1.54.amzn1.x86_64 \n postgresql92-plpython27-9.2.13-1.54.amzn1.x86_64 \n postgresql92-server-9.2.13-1.54.amzn1.x86_64 \n postgresql92-debuginfo-9.2.13-1.54.amzn1.x86_64 \n postgresql92-libs-9.2.13-1.54.amzn1.x86_64 \n postgresql92-server-compat-9.2.13-1.54.amzn1.x86_64 \n postgresql92-9.2.13-1.54.amzn1.x86_64 \n postgresql92-pltcl-9.2.13-1.54.amzn1.x86_64 \n postgresql92-plpython26-9.2.13-1.54.amzn1.x86_64 \n postgresql92-test-9.2.13-1.54.amzn1.x86_64 \n postgresql92-plperl-9.2.13-1.54.amzn1.x86_64 \n postgresql92-devel-9.2.13-1.54.amzn1.x86_64 \n postgresql92-docs-9.2.13-1.54.amzn1.x86_64 \n \n \n", "modified": "2015-06-16T11:42:00", "published": "2015-06-16T11:42:00", "id": "ALAS-2015-545", "href": "https://alas.aws.amazon.com/ALAS-2015-545.html", "title": "Medium: postgresql92", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:24:16", "bulletinFamily": "scanner", "description": "PostgreSQL project reports :\n\nThis update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:.\n\n- CVE-2015-3165 Double 'free' after authentication timeout.\n\n- CVE-2015-3166 Unanticipated errors from the standard library.\n\n- CVE-2015-3167 pgcrypto has multiple error messages for decryption with an incorrect key.", "modified": "2018-11-10T00:00:00", "id": "FREEBSD_PKG_FC38CD8300B311E58EBD0026551A22DC.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83799", "published": "2015-05-26T00:00:00", "title": "FreeBSD : PostgreSQL -- minor security problems. (fc38cd83-00b3-11e5-8ebd-0026551a22dc)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83799);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:45\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n\n script_name(english:\"FreeBSD : PostgreSQL -- minor security problems. (fc38cd83-00b3-11e5-8ebd-0026551a22dc)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL project reports :\n\nThis update fixes three security vulnerabilities reported in\nPostgreSQL over the past few months. Nether of these issues is seen as\nparticularly urgent. However, users should examine them in case their\ninstallations are vulnerable:.\n\n- CVE-2015-3165 Double 'free' after authentication timeout.\n\n- CVE-2015-3166 Unanticipated errors from the standard library.\n\n- CVE-2015-3167 pgcrypto has multiple error messages for decryption\nwith an incorrect key.\"\n );\n # https://vuxml.freebsd.org/freebsd/fc38cd83-00b3-11e5-8ebd-0026551a22dc.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b82c775\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql90-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql91-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql92-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql94-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"postgresql90-server>=9.0.0<9.0.20\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql91-server>=9.1.0<9.1.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql92-server>=9.2.0<9.2.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql93-server>=9.3.0<9.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql94-server>=9.4.0<9.4.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:16", "bulletinFamily": "scanner", "description": "Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. (CVE-2015-3165)\n\nNoah Misch discovered that PostgreSQL incorrectly handled certain standard library function return values, possibly leading to security issues. (CVE-2015-3166)\n\nNoah Misch discovered that the pgcrypto function could return different error messages when decrypting using an incorrect key, possibly leading to a security issue. (CVE-2015-3167).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2621-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83862", "published": "2015-05-27T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities (USN-2621-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2621-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83862);\n script_version(\"2.14\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n script_xref(name:\"USN\", value:\"2621-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities (USN-2621-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled\nauthentication timeouts. A remote attacker could use this flaw to\ncause the unauthenticated session to crash, possibly leading to a\nsecurity issue. (CVE-2015-3165)\n\nNoah Misch discovered that PostgreSQL incorrectly handled certain\nstandard library function return values, possibly leading to security\nissues. (CVE-2015-3166)\n\nNoah Misch discovered that the pgcrypto function could return\ndifferent error messages when decrypting using an incorrect key,\npossibly leading to a security issue. (CVE-2015-3167).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2621-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected postgresql-9.1, postgresql-9.3 and / or\npostgresql-9.4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|14\\.10|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"postgresql-9.1\", pkgver:\"9.1.16-0ubuntu0.12.04\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"postgresql-9.3\", pkgver:\"9.3.7-0ubuntu0.14.04\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"postgresql-9.4\", pkgver:\"9.4.2-0ubuntu0.14.10\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"postgresql-9.4\", pkgver:\"9.4.2-0ubuntu0.15.04\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-9.1 / postgresql-9.3 / postgresql-9.4\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:17", "bulletinFamily": "scanner", "description": "Several vulnerabilities were discovered in PostgreSQL, a relational database server system. The 8.4 branch is EOLed upstream, but still present in Debian squeeze. This new LTS minor version contains the fixes that were applied upstream to the 9.0.20 version, backported to 8.4.22 which was the last version officially released by the PostgreSQL developers. This LTS effort for squeeze-lts is a community project sponsored by credativ GmbH.\n\nCVE-2015-3165: Remote crash SSL clients disconnecting just before the authentication timeout expires can cause the server to crash.\n\nCVE-2015-3166: Information exposure The replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure.\n\nCVE-2015-3167: Possible side-channel key exposure In contrib/pgcrypto, some cases of decryption with an incorrect key could report other error message texts. Fix by using a one-size-fits-all message.\n\nNote that the next round of minor releases for PostgreSQL have already been scheduled for early June 2015. There will be a corresponding 8.4.22lts3 update at the same time.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-06T00:00:00", "id": "DEBIAN_DLA-227.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83905", "published": "2015-06-01T00:00:00", "title": "Debian DLA-227-1 : postgresql-8.4 update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-227-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83905);\n script_version(\"2.9\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n\n script_name(english:\"Debian DLA-227-1 : postgresql-8.4 update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in PostgreSQL, a relational\ndatabase server system. The 8.4 branch is EOLed upstream, but still\npresent in Debian squeeze. This new LTS minor version contains the\nfixes that were applied upstream to the 9.0.20 version, backported to\n8.4.22 which was the last version officially released by the\nPostgreSQL developers. This LTS effort for squeeze-lts is a community\nproject sponsored by credativ GmbH.\n\nCVE-2015-3165: Remote crash SSL clients disconnecting just before the\nauthentication timeout expires can cause the server to crash.\n\nCVE-2015-3166: Information exposure The replacement implementation of\nsnprintf() failed to check for errors reported by the underlying\nsystem library calls; the main case that might be missed is\nout-of-memory situations. In the worst case this might lead to\ninformation exposure.\n\nCVE-2015-3167: Possible side-channel key exposure In contrib/pgcrypto,\nsome cases of decryption with an incorrect key could report other\nerror message texts. Fix by using a one-size-fits-all message.\n\nNote that the next round of minor releases for PostgreSQL have already\nbeen scheduled for early June 2015. There will be a corresponding\n8.4.22lts3 update at the same time.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/05/msg00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/postgresql-8.4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-compat3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpgtypes3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-client-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-contrib-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-doc-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plperl-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-plpython-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-pltcl-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-server-dev-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-compat3\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-dev\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg6\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpgtypes3\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq-dev\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq5\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plperl-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plpython-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-pltcl-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-server-dev-8.4\", reference:\"8.4.22lts2-0+deb6u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:28", "bulletinFamily": "scanner", "description": "A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nIf the postgresql service is running, it will be automatically restarted after installing this update.", "modified": "2018-12-28T00:00:00", "id": "SL_20150629_POSTGRESQL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84540", "published": "2015-07-06T00:00:00", "title": "Scientific Linux Security Update : postgresql on SL6.x, SL7.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84540);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/12/28 10:10:36\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL6.x, SL7.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A double-free flaw was found in the connection handling. An\nunauthenticated attacker could exploit this flaw to crash the\nPostgreSQL back end by disconnecting at approximately the same time as\nthe authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return\nvalues of certain standard library functions. If the system is in a\nstate that would cause the standard library functions to fail, for\nexample memory exhaustion, an authenticated user could exploit this\nflaw to disclose partial memory contents or cause the GSSAPI\nauthentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different\nerror messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic\nattack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nIf the postgresql service is running, it will be automatically\nrestarted after installing this update.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=15210\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7d8f6e1d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-contrib-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-debuginfo-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-devel-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-docs-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-libs-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plperl-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plpython-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-pltcl-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-server-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-test-8.4.20-3.el6_6\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-debuginfo-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.13-1.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:15", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system.\n\n - CVE-2015-3165 (Remote crash) SSL clients disconnecting just before the authentication timeout expires can cause the server to crash.\n\n - CVE-2015-3166 (Information exposure) The replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure.\n\n - CVE-2015-3167 (Possible side-channel key exposure) In contrib/pgcrypto, some cases of decryption with an incorrect key could report other error message texts.\n Fix by using a one-size-fits-all message.", "modified": "2018-11-10T00:00:00", "id": "DEBIAN_DSA-3270.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83787", "published": "2015-05-26T00:00:00", "title": "Debian DSA-3270-1 : postgresql-9.4 - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3270. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83787);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2018/11/10 11:49:37\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_xref(name:\"DSA\", value:\"3270\");\n\n script_name(english:\"Debian DSA-3270-1 : postgresql-9.4 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in PostgreSQL-9.4, a SQL\ndatabase system.\n\n - CVE-2015-3165 (Remote crash)\n SSL clients disconnecting just before the authentication\n timeout expires can cause the server to crash.\n\n - CVE-2015-3166 (Information exposure)\n The replacement implementation of snprintf() failed to\n check for errors reported by the underlying system\n library calls; the main case that might be missed is\n out-of-memory situations. In the worst case this might\n lead to information exposure.\n\n - CVE-2015-3167 (Possible side-channel key exposure)\n In contrib/pgcrypto, some cases of decryption with an\n incorrect key could report other error message texts.\n Fix by using a one-size-fits-all message.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-3167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/postgresql-9.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3270\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the postgresql-9.4 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 9.4.2-0+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libecpg-compat3\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libecpg-dev\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libecpg6\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpgtypes3\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpq-dev\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpq5\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-9.4-dbg\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-client-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-contrib-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-doc-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plperl-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plpython-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-plpython3-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-pltcl-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"postgresql-server-dev-9.4\", reference:\"9.4.2-0+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:23", "bulletinFamily": "scanner", "description": "This update provides PostgreSQL 9.1.18, which brings fixes for security issues and other enhancements.\n\nThe following vulnerabilities have been fixed :\n\nCVE-2015-3165: Avoid possible crash when client disconnects.\n(bsc#931972)\n\nCVE-2015-3166: Consistently check for failure of the *printf().\n(bsc#931973)\n\nCVE-2015-3167: In contrib/pgcrypto, uniformly report decryption failures. (bsc#931974)\n\nFor a comprehensive list of changes, please refer to <a href='http://www.postgresql.org/docs/9.1/static/release-9-1-18.html'>h ttp://www.postgresql.org/docs/9.1/static/release-9-1-18.html</a>.\n\nThis update also includes changes in PostgreSQL's packaging to prepare for the migration to the new major version 9.4. (FATE#316970, bsc#907651)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-18T00:00:00", "id": "SUSE_SU-2015-1091-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84338", "published": "2015-06-23T00:00:00", "title": "SUSE SLED11 / SLES11 Security Update : postgresql91 (SUSE-SU-2015:1091-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1091-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84338);\n script_version(\"2.16\");\n script_cvs_date(\"Date: 2018/12/18 10:18:59\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : postgresql91 (SUSE-SU-2015:1091-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides PostgreSQL 9.1.18, which brings fixes for\nsecurity issues and other enhancements.\n\nThe following vulnerabilities have been fixed :\n\nCVE-2015-3165: Avoid possible crash when client disconnects.\n(bsc#931972)\n\nCVE-2015-3166: Consistently check for failure of the *printf().\n(bsc#931973)\n\nCVE-2015-3167: In contrib/pgcrypto, uniformly report decryption\nfailures. (bsc#931974)\n\nFor a comprehensive list of changes, please refer to <a\nhref='http://www.postgresql.org/docs/9.1/static/release-9-1-18.html'>h\nttp://www.postgresql.org/docs/9.1/static/release-9-1-18.html</a>.\n\nThis update also includes changes in PostgreSQL's packaging to prepare\nfor the migration to the new major version 9.4. (FATE#316970,\nbsc#907651)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=907651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=932040\"\n );\n # https://download.suse.com/patch/finder/?keywords=00fcb88ab431584bc7bf32ba75396dee\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36f6d275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3167/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151091-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?23fcfb6c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Manager Server :\n\nzypper in -t patch sleman21-postgresql91-201505=10760\n\nSUSE Linux Enterprise Software Development Kit 11 SP3 :\n\nzypper in -t patch sdksp3-postgresql91-201505=10760\n\nSUSE Linux Enterprise Server 11 SP3 for VMware :\n\nzypper in -t patch slessp3-postgresql91-201505=10760\n\nSUSE Linux Enterprise Server 11 SP3 :\n\nzypper in -t patch slessp3-postgresql91-201505=10760\n\nSUSE Linux Enterprise Desktop 11 SP3 :\n\nzypper in -t patch sledsp3-postgresql91-201505=10760\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql91\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql91-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql91-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql91-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! ereg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"postgresql91-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"postgresql91-contrib-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"postgresql91-docs-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"postgresql91-server-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql91-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"postgresql91-docs-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"postgresql91-9.1.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"postgresql91-docs-9.1.18-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql91\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:26", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2015:1194 :\n\nUpdated postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Benkocs Norbert Attila as the original reporter of CVE-2015-3165 and Noah Misch as the original reporter of CVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "modified": "2018-07-18T00:00:00", "id": "ORACLELINUX_ELSA-2015-1194.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84464", "published": "2015-06-30T00:00:00", "title": "Oracle Linux 6 / 7 : postgresql (ELSA-2015-1194)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1194 and \n# Oracle Linux Security Advisory ELSA-2015-1194 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84464);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/18 17:43:58\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n script_xref(name:\"RHSA\", value:\"2015:1194\");\n\n script_name(english:\"Oracle Linux 6 / 7 : postgresql (ELSA-2015-1194)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1194 :\n\nUpdated postgresql packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An\nunauthenticated attacker could exploit this flaw to crash the\nPostgreSQL back end by disconnecting at approximately the same time as\nthe authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return\nvalues of certain standard library functions. If the system is in a\nstate that would cause the standard library functions to fail, for\nexample memory exhaustion, an authenticated user could exploit this\nflaw to disclose partial memory contents or cause the GSSAPI\nauthentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different\nerror messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic\nattack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005184.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005185.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-contrib-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-devel-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-docs-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-libs-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plperl-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plpython-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-pltcl-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-server-8.4.20-3.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-test-8.4.20-3.el6_6\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-devel-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-libs-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.13-1.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.13-1.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:16", "bulletinFamily": "scanner", "description": "The version of PostgreSQL installed on the remote host is 9.0.x prior to 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior to 9.3.7, or 9.4.x prior to 9.4.2. It is, therefore, affected by multiple vulnerabilities :\n\n - A double free memory error exists after authentication timeout, which a remote attacker can utilize to cause the program to crash. (CVE-2015-3165)\n\n - A flaw exists in the printf() functions due to a failure to check for errors. A remote attacker can use this to gain access to sensitive information. (CVE-2015-3166)\n\n - pgcrypto has multiple error messages for decryption with an incorrect key. A remote attacker can use this to recover keys from other systems. (CVE-2015-3167)", "modified": "2018-11-15T00:00:00", "id": "POSTGRESQL_20150522.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83818", "published": "2015-05-27T00:00:00", "title": "PostgreSQL 9.0 < 9.0.20 / 9.1 < 9.1.16 / 9.2 < 9.2.11 / 9.3 < 9.3.7 / 9.4 < 9.4.2 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83818);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\n \"CVE-2015-3165\",\n \"CVE-2015-3166\",\n \"CVE-2015-3167\"\n );\n script_bugtraq_id(\n 74787,\n 74789,\n 74790\n );\n\n script_name(english:\"PostgreSQL 9.0 < 9.0.20 / 9.1 < 9.1.16 / 9.2 < 9.2.11 / 9.3 < 9.3.7 / 9.4 < 9.4.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of PostgreSQL.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 9.0.x prior\nto 9.0.20, 9.1.x prior to 9.1.16, 9.2.x prior to 9.2.11, 9.3.x prior\nto 9.3.7, or 9.4.x prior to 9.4.2. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A double free memory error exists after authentication\n timeout, which a remote attacker can utilize to cause\n the program to crash. (CVE-2015-3165)\n\n - A flaw exists in the printf() functions due to a failure\n to check for errors. A remote attacker can use this to\n gain access to sensitive information. (CVE-2015-3166)\n\n - pgcrypto has multiple error messages for decryption\n with an incorrect key. A remote attacker can use this\n to recover keys from other systems. (CVE-2015-3167)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1587/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.0/release-9-0-20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.1/release-9-1-16.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.2/release-9-2-11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/docs/9.3/static/release-9-3-7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.4/release-9-4-2.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 9.0.20 / 9.1.16 / 9.2.11 / 9.3.7 / 9.4.2 or\nlater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"backport.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_service(svc:\"postgresql\", default:5432, exit_on_fail:TRUE);\n\nversion = get_kb_item_or_exit('database/'+port+'/postgresql/version');\nsource = get_kb_item_or_exit('database/'+port+'/postgresql/source');\ndatabase = get_kb_item('database/'+port+'/postgresql/database_name');\n\nget_backport_banner(banner:source);\nif (backported && report_paranoia < 2) audit(AUDIT_BACKPORT_SERVICE, port, 'PostgreSQL server');\n\nver = split(version, sep:'.');\nfor (i=0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n (ver[0] == 9 && ver[1] == 0 && ver[2] < 20) ||\n (ver[0] == 9 && ver[1] == 1 && ver[2] < 16) ||\n (ver[0] == 9 && ver[1] == 2 && ver[2] < 11) ||\n (ver[0] == 9 && ver[1] == 3 && ver[2] < 7) ||\n (ver[0] == 9 && ver[1] == 4 && ver[2] < 2)\n)\n{\n if (report_verbosity > 0)\n {\n report = '';\n if(database)\n report += '\\n Database name : ' + database ;\n report +=\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 9.0.20 / 9.1.16 / 9.2.11 / 9.3.7 / 9.4.2\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'PostgreSQL', port, version);\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:26", "bulletinFamily": "scanner", "description": "Updated postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Benkocs Norbert Attila as the original reporter of CVE-2015-3165 and Noah Misch as the original reporter of CVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2015-1194.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84466", "published": "2015-06-30T00:00:00", "title": "RHEL 6 / 7 : postgresql (RHSA-2015:1194)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1194. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84466);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n script_xref(name:\"RHSA\", value:\"2015:1194\");\n\n script_name(english:\"RHEL 6 / 7 : postgresql (RHSA-2015:1194)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An\nunauthenticated attacker could exploit this flaw to crash the\nPostgreSQL back end by disconnecting at approximately the same time as\nthe authentication time out is triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return\nvalues of certain standard library functions. If the system is in a\nstate that would cause the standard library functions to fail, for\nexample memory exhaustion, an authenticated user could exploit this\nflaw to disclose partial memory contents or cause the GSSAPI\nauthentication to use an incorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different\nerror messages when decrypting certain data with an incorrect key.\nThis can help an authenticated user to launch a possible cryptographic\nattack, although no suitable attack is currently known.\n(CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-3166\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-upgrade\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1194\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-contrib-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-contrib-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-debuginfo-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-devel-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-docs-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-docs-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-docs-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-libs-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plperl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plperl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plperl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plpython-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plpython-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plpython-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-pltcl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-pltcl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-pltcl-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-server-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-server-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-server-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-test-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-test-8.4.20-3.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-test-8.4.20-3.el6_6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-contrib-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-contrib-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-debuginfo-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-devel-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-docs-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-docs-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"postgresql-libs-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plperl-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plperl-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-plpython-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-plpython-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-pltcl-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-pltcl-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-server-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-server-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-test-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-test-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"postgresql-upgrade-9.2.13-1.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"postgresql-upgrade-9.2.13-1.el7_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:39", "bulletinFamily": "scanner", "description": "PostgreSQL was updated to the security and bugfix release 9.3.8 including 9.3.7.\n\nSecurity issues fixed :\n\n - CVE-2015-3165, bsc#931972: Avoid possible crash when client disconnects just before the authentication timeout expires.\n\n - CVE-2015-3166, bsc#931973: Consistently check for failure of the printf() family of functions.\n\n - CVE-2015-3167, bsc#931974: In contrib/pgcrypto, uniformly report decryption failures as 'Wrong key or corrupt data'\n\nBugs fixed :\n\n - Protect against wraparound of multixact member IDs.\n\n - Avoid failures while fsync'ing data directory during crash restart.\n\n - Fix pg_get_functiondef() to show functions' LEAKPROOF property, if set.\n\n - Allow libpq to use TLS protocol versions beyond v1.\n\n - For the full release notes, see the following two URLs http://www.postgresql.org/docs/9.3/static/release-9-3-8.\n html http://www.postgresql.org/docs/9.3/static/release-9-3-7.\n html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-18T00:00:00", "id": "SUSE_SU-2015-1264-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84896", "published": "2015-07-21T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2015:1264-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1264-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84896);\n script_version(\"2.13\");\n script_cvs_date(\"Date: 2018/12/18 10:18:59\");\n\n script_cve_id(\"CVE-2015-3165\", \"CVE-2015-3166\", \"CVE-2015-3167\");\n script_bugtraq_id(74787, 74789, 74790);\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2015:1264-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL was updated to the security and bugfix release 9.3.8\nincluding 9.3.7.\n\nSecurity issues fixed :\n\n - CVE-2015-3165, bsc#931972: Avoid possible crash when\n client disconnects just before the authentication\n timeout expires.\n\n - CVE-2015-3166, bsc#931973: Consistently check for\n failure of the printf() family of functions.\n\n - CVE-2015-3167, bsc#931974: In contrib/pgcrypto,\n uniformly report decryption failures as 'Wrong key or\n corrupt data'\n\nBugs fixed :\n\n - Protect against wraparound of multixact member IDs.\n\n - Avoid failures while fsync'ing data directory during\n crash restart.\n\n - Fix pg_get_functiondef() to show functions' LEAKPROOF\n property, if set.\n\n - Allow libpq to use TLS protocol versions beyond v1.\n\n - For the full release notes, see the following two URLs\n http://www.postgresql.org/docs/9.3/static/release-9-3-8.\n html\n http://www.postgresql.org/docs/9.3/static/release-9-3-7.\n html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.3/static/release-9-3-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.3/release-9-3-7.html\"\n );\n # http://www.postgresql.org/docs/9.3/static/release-9-3-8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.3/release-9-3-8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3167/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151264-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bc9dab58\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2015-328=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2015-328=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2015-328=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql93-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libecpg6-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libecpg6-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpq5-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpq5-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-contrib-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-contrib-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-debugsource-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-libs-debugsource-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-server-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"postgresql93-server-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpq5-32bit-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpq5-debuginfo-32bit-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libecpg6-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libecpg6-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpq5-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"postgresql93-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"postgresql93-debuginfo-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"postgresql93-debugsource-9.3.8-8.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"postgresql93-libs-debugsource-9.3.8-8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql93\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:41", "bulletinFamily": "unix", "description": "\nPostgreSQL project reports:\n\n\n\t\tThis update fixes three security vulnerabilities reported in\n\t\tPostgreSQL over the past few months. Nether of these issues is seen as\n\t\tparticularly urgent. However, users should examine them in case their\n\t\tinstallations are vulnerable:.\n\t \n\nCVE-2015-3165 Double \"free\" after authentication timeout.\nCVE-2015-3166 Unanticipated errors from the standard library.\nCVE-2015-3167 pgcrypto has multiple error messages for decryption with an incorrect key.\n\n\n", "modified": "2015-04-10T00:00:00", "published": "2015-04-10T00:00:00", "id": "FC38CD83-00B3-11E5-8EBD-0026551A22DC", "href": "https://vuxml.freebsd.org/freebsd/fc38cd83-00b3-11e5-8ebd-0026551a22dc.html", "title": "PostgreSQL -- minor security problems.", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:59", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3270-1 security@debian.org\r\nhttp://www.debian.org/security/ Christoph Berg\r\nMay 22, 2015 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : postgresql-9.4\r\nCVE ID : CVE-2015-3165 CVE-2015-3166 CVE-2015-3167\r\n\r\nSeveral vulnerabilities have been found in PostgreSQL-9.4, a SQL\r\ndatabase system.\r\n\r\nCVE-2015-3165 (Remote crash)\r\n\r\n SSL clients disconnecting just before the authentication timeout\r\n expires can cause the server to crash.\r\n\r\nCVE-2015-3166 (Information exposure)\r\n\r\n The replacement implementation of snprintf() failed to check for\r\n errors reported by the underlying system library calls; the main\r\n case that might be missed is out-of-memory situations. In the worst\r\n case this might lead to information exposure.\r\n\r\nCVE-2015-3167 (Possible side-channel key exposure)\r\n\r\n In contrib/pgcrypto, some cases of decryption with an incorrect key\r\n could report other error message texts. Fix by using a\r\n one-size-fits-all message.\r\n\r\nFor the stable distribution (jessie), these problems have been fixed in\r\nversion 9.4.2-0+deb8u1.\r\n\r\nFor the testing distribution (stretch), these problems will be fixed\r\nsoon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 9.4.2-1.\r\n\r\nWe recommend that you upgrade your postgresql-9.4 packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVX0iTAAoJEAVMuPMTQ89EOo4P/08xy75M/fh+SGhqc2BHHlYz\r\nrw2R0p52t6ijS+zt6Z9klLvcFE+tuJNB/cr8CnW1PNuOcejwsUkyHahmxXROG4Y4\r\nwg89EJ/e2kVtZxNGiTMDpspwmOKLqZSf4UI3E/xCmxU6tiHJL/Ihn/MJUr3WwEZS\r\nyiUs6fZUpuxo9X8Hoi419fpby5Saefx5pYgQ+i3Za4cD90pWi8t/zPUfwpfaIPMS\r\ns1z0165j7pKdevLUCVhKLsZF2CEcykrVdXASEscbGWoqeH2+Hf9l7A0rW1QRL1eE\r\nCJyFOg3O/Git4JmnmV5A/uI5YVEUALzJYweuSilZg3gRz6sLV9/CI5IRirZlyGSA\r\nJYiFjJZMtCjmjPaMoBnCH5RhPh7jkDO2KJ/8UkvH9M/8AMwy1ex4aixGCjPvJeUL\r\nPM4sShtUe9jJszfkJliX1KtyXyvyUbCQl2gATFQUJlOnn5HvWE7J5R3mxKR+k12P\r\nSyF+C6Exzd90UjYPNwaFkIf54Pgmwd90wutO3wf63zyQxPVMGyTuMVHW0Kc5phI7\r\nGGxgQjMFKOi7QMDBhVoIcdyEJndqKZOwpmTUi7NlbDGPx0RiExKIzC5DSnz0VYoX\r\nuRdRPF/jQqdbnVnHAv79BJT9QtyjUNVNXIccSdZiG33bLSiSZNxw4btY/npuDCTN\r\n7zkVlxdUQcdTogIM2OAG\r\n=CFYg\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-05-25T00:00:00", "published": "2015-05-25T00:00:00", "id": "SECURITYVULNS:DOC:32134", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32134", "title": "[SECURITY] [DSA 3270-1] postgresql-9.4 security update", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:25:45", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:1194\n\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA double-free flaw was found in the connection handling. An unauthenticated\nattacker could exploit this flaw to crash the PostgreSQL back end by\ndisconnecting at approximately the same time as the authentication time out\nis triggered. (CVE-2015-3165)\n\nIt was discovered that PostgreSQL did not properly check the return values\nof certain standard library functions. If the system is in a state that\nwould cause the standard library functions to fail, for example memory\nexhaustion, an authenticated user could exploit this flaw to disclose\npartial memory contents or cause the GSSAPI authentication to use an\nincorrect keytab file. (CVE-2015-3166)\n\nIt was discovered that the pgcrypto module could return different error\nmessages when decrypting certain data with an incorrect key. This can help\nan authenticated user to launch a possible cryptographic attack, although\nno suitable attack is currently known. (CVE-2015-3167)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Benkocs Norbert Attila as the original\nreporter of CVE-2015-3165 and Noah Misch as the original reporter of\nCVE-2015-3166 and CVE-2015-3167.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted after\ninstalling this update.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/021227.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/021229.html\n\n**Affected packages:**\npostgresql\npostgresql-contrib\npostgresql-devel\npostgresql-docs\npostgresql-libs\npostgresql-plperl\npostgresql-plpython\npostgresql-pltcl\npostgresql-server\npostgresql-test\npostgresql-upgrade\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1194.html", "modified": "2015-06-29T16:37:58", "published": "2015-06-29T16:03:44", "href": "http://lists.centos.org/pipermail/centos-announce/2015-June/021227.html", "id": "CESA-2015:1194", "title": "postgresql security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:28", "bulletinFamily": "unix", "description": "Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. (CVE-2015-3165)\n\nNoah Misch discovered that PostgreSQL incorrectly handled certain standard library function return values, possibly leading to security issues. (CVE-2015-3166)\n\nNoah Misch discovered that the pgcrypto function could return different error messages when decrypting using an incorrect key, possibly leading to a security issue. (CVE-2015-3167)", "modified": "2015-05-25T00:00:00", "published": "2015-05-25T00:00:00", "id": "USN-2621-1", "href": "https://usn.ubuntu.com/2621-1/", "title": "PostgreSQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:34", "bulletinFamily": "unix", "description": "### Background\n\nPostgreSQL is an open source object-relational database management system. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition or escalate privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PostgreSQL 9.0.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.0.21\"\n \n\nAll PostgreSQL 9.1.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.1.17\"\n \n\nAll PostgreSQL 9.2.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.2.12\"\n \n\nAll PostgreSQL 9.3.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.3.8\"\n \n\nAll PostgreSQL 9.4.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/postgresql-9.4.3\"", "modified": "2015-08-22T00:00:00", "published": "2015-07-18T00:00:00", "id": "GLSA-201507-20", "href": "https://security.gentoo.org/glsa/201507-20", "type": "gentoo", "title": "PostgreSQL: Multiple vulnerabilities", "cvss": {"score": 4.4, "vector": "AV:NETWORK/AC:MEDIUM/Au:UNKNOWN/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-02-19T17:02:37", "bulletinFamily": "info", "description": "### *Detect date*:\n05/28/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or conduct some other impact.\n\n### *Affected products*:\nPostgreSQL versions earlier than 9.0.20 \nPostgreSQL 9.1 versions earlier than 9.1.16 \nPostgreSQL 9.2 versions earlier than 9.2.11 \nPostgreSQL 9.3 versions earlier than 9.3.7 \nPostgreSQL 9.4 versions earlier than 9.4.2\n\n### *Solution*:\nUpdate to the latest version \n[Get PostgreSQL](<http://www.enterprisedb.com/products-services-training/pgdownload#windows>)\n\n### *Original advisories*:\n[PostrgeSQL blog entry](<http://www.postgresql.org/about/news/1587/>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[PostgreSQL](<https://threats.kaspersky.com/en/product/PostgreSQL/>)\n\n### *CVE-IDS*:\n[CVE-2015-3165](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3165>)", "modified": "2019-02-15T00:00:00", "published": "2015-05-28T00:00:00", "id": "KLA10592", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10592", "title": "\r KLA10592Denial of service vulnerability in PostgreSQL ", "type": "kaspersky", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "huawei": [{"lastseen": "2019-02-01T18:01:39", "bulletinFamily": "software", "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "modified": "2017-11-10T00:00:00", "published": "2017-06-07T00:00:00", "id": "HUAWEI-SA-20170607-01-GAUSSDB", "href": "https://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20170607-01-gaussdb-en", "title": "Security Advisory - Two Buffer Overflow Vulnerabilities in the GaussDB", "type": "huawei", "cvss": {"score": 4.4, "vector": "AV:NETWORK/AC:MEDIUM/Au:UNKNOWN/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
