[email protected] – PostgreSQL: three vulnerabilities

CERT-LatestNews Security News ThreatsCybercrime Uncategorized VulnerabilitiesAll VulnerabilitiesCrypto VulnerabilitiesLinux
KenGilmour36

This bulletin was written by [email protected] : https://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of PostgreSQL.

- Impacted products: Debian, Fedora, openSUSE Leap, PostgreSQL, RHEL.
- Severity: 2/4.
- Creation date: 11/05/2017.

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in PostgreSQL.

An attacker can bypass security features via Selectivity Estimators, in order to escalate his privileges. [severity:2/4; CVE-2017-7484]

An attacker can act as a Man-in-the-Middle via libpq, in order to read or write data in the session. [severity:2/4; CVE-2017-7485]

An attacker can bypass security features via pg_user_mappings, in order to obtain sensitive information. [severity:2/4; CVE-2017-7486]

ACCESS TO THE COMPLETE [email protected] BULLETIN

https://vigilance.fr/vulnerability/…

http://www.globalsecuritymag.com/Vigil-nce-PostgreSQL-three,20170711,72549.html

Tagged
KenGilmour

Related Posts

CYBER THREATS ARE SPIKING AS REMOTE WORKER RANKS SOAR

Auto Bot

Booz Allen aims to help subs, suppliers reach CMMC compliance through evaluating system security

Auto Bot

5 reasons why you should work at Balbix (and 3 reasons why you should not ….)

Hacktivist Monitoring Bot