|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Ubuntu Local Security Checks >> USN6-1 : postgresql contributed script vulnerability Vulnerability Assessment Details
|
USN6-1 : postgresql contributed script vulnerability |
||
postgresql contributed script vulnerability Detailed Explanation for this Vulnerability Assessment Summary : These remote packages are missing security patches : - libecpg-dev - libecpg4 - libpgtcl - libpgtcl-dev - libpq3 - postgresql - postgresql-client - postgresql-contrib - postgresql-dev - postgresql-doc Description : Recently, Trustix Secure Linux discovered a vulnerability in the postgresql-contrib package. The script "make_oidjoins_check" created temporary files in an insecure way, which permited a symlink attack to create or overwrite arbitrary files with the rights of the user invoking the script. Solution : Upgrade to : - libecpg-dev-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - libecpg4-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - libpgtcl-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - libpgtcl-dev-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - libpq3-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - postgresql-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - postgresql-client-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - postgresql-contrib-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - postgresql-dev-7.4.5-3ubuntu0.1 (Ubuntu 4.10) - postgresql-doc-7.4.5-3ubuntu0.1 (Ubuntu 4.10) Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: Ubuntu Security Notice (C) 2005 Canonical, Inc. / NASL script (C) 2005 Michel Arboi |
||
Cables, Connectors |
Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x900Gb SAS, Proxmox
$340.00
Intel XEON E5-2699 V3 CPU PROCESSOR 18 CORE 2.30GHZ 45MB L3 CACHE 145W SR1XD
$45.00
Dell PowerEdge R920 24 SFF 4x E7-8891 v2 3.2GHz =40 Cores 1024GB No HDD H730P
$985.00
Dell PowerEdge R730 8 SFF 2x E5-2660 v4 28 Cores 128/256GB 0/3x 900GB 6Gbps H730
$349.99
Intel Xeon E5-2680 v4 2.4GHz 35MB 14-Core 120W LGA2011-3 SR2N7
$17.99
Intel Xeon Gold 6140 SR3AX 2.3GHz 18-Core Processor CPU
$44.99
Intel Xeon E5-2697 v2 2.7GHz 30M 12-Core LGA2011 CPU Processor SR19H
$27.99
SR1XP Intel Xeon E5-2680 v3 12 Core 30MB 2.5GHz LGA 2011-3 A Grade Processor
$5.09
HP Workstation Z640 2x Xeon E5-2623V4 32GB Ram Dual 256GB SSD K420 Linux GA
$234.98
Dell Precision T5600/t5610 Xeon E5-2670 2.6Ghz 16GB DDR3 RAM NO HDD Nvidia
$90.00
|
||
No Discussions have been posted on this vulnerability. |