4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
PostgreSQL is vulnerable to denial of service (DoS). The vulnerability is possible because it does not handle the connection properly, allowing an attacker to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered.
lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
rhn.redhat.com/errata/RHSA-2015-1194.html
rhn.redhat.com/errata/RHSA-2015-1195.html
rhn.redhat.com/errata/RHSA-2015-1196.html
www.debian.org/security/2015/dsa-3269
www.debian.org/security/2015/dsa-3270
www.postgresql.org/about/news/1587/
www.postgresql.org/docs/9.0/static/release-9-0-20.html
www.postgresql.org/docs/9.1/static/release-9-1-16.html
www.postgresql.org/docs/9.2/static/release-9-2-11.html
www.postgresql.org/docs/9.3/static/release-9-3-7.html
www.postgresql.org/docs/9.4/static/release-9-4-2.html
www.securityfocus.com/bid/74787
www.ubuntu.com/usn/USN-2621-1
access.redhat.com/security/updates/classification/#moderate
rhn.redhat.com/errata/RHSA-2015-1194.html
security.gentoo.org/glsa/201507-20
support.apple.com/HT205219