Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23209

HistoryApr 10, 2020 - 12:19 a.m.

Privilege Escalation

2020-04-1000:19:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

postgresql is vulnerable to privilege escalation. The vulnerability exists as an authenticated attacker could create an index function that would be executed with administrator privileges during database maintenance tasks, such as database vacuuming.

CPENameOperatorVersion
postgresqleq8.1.9__1.el5
postgresqleq8.1.8__1.el4s1.1
postgresqleq8.1.9__1.el4s1.1
postgresqleq8.2.4__6.el5s2
postgresqleq7.4.19__1.el4_6.1
postgresqleq8.1.7__3.el4s1.1
postgresqleq8.1.8__1.el5
postgresqleq8.1.4__1.el4s1.1
postgresqleq8.1.11__1.el5_1.1
postgresqleq8.1.9__1.el5

Rows per page:

1-10 of 181

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154

lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html

secunia.com/advisories/28359

secunia.com/advisories/28376

secunia.com/advisories/28437

secunia.com/advisories/28438

secunia.com/advisories/28445

secunia.com/advisories/28454

secunia.com/advisories/28455

secunia.com/advisories/28464

secunia.com/advisories/28477

secunia.com/advisories/28479

secunia.com/advisories/28679

secunia.com/advisories/28698

secunia.com/advisories/29638

security.gentoo.org/glsa/glsa-200801-15.xml

securitytracker.com/id?1019157

sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1

sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1

www.debian.org/security/2008/dsa-1460

www.debian.org/security/2008/dsa-1463

www.mandriva.com/security/advisories?name=MDVSA-2008:004

www.postgresql.org/about/news.905

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2008-0038.html

www.redhat.com/support/errata/RHSA-2008-0039.html

www.redhat.com/support/errata/RHSA-2008-0040.html

www.securityfocus.com/archive/1/485864/100/0/threaded

www.securityfocus.com/archive/1/486407/100/0/threaded

www.securityfocus.com/bid/27163

www.vupen.com/english/advisories/2008/0061

www.vupen.com/english/advisories/2008/0109

www.vupen.com/english/advisories/2008/1071/references

access.redhat.com/errata/RHSA-2008:0038

exchange.xforce.ibmcloud.com/vulnerabilities/39496

issues.rpath.com/browse/RPL-1768

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10493

usn.ubuntu.com/568-1/

www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html

www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

Related for VERACODE:23209

postgresql1 openvas62 nessus34 fedora4 prion3 ubuntucve3 cve3 oraclelinux2 centos4 veracode1 redhat6 securityvulns4 ubuntu2 freebsd2 suse1 osv2 debian2 gentoo1