4 - CVE-2014-0066

Executive Summary

Informations
Name	CVE-2014-0066	First vendor Publication	2014-03-31
Vendor	Cve	Last vendor Modification	2023-02-13

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score	4	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:23699

Oval ID:	oval:org.mitre.oval:def:23699
Title:	ELSA-2014:0249: postgresql security update (Important)
Description:	The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0249-00 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	12
Platform(s):	Oracle Linux 5	Product(s):	postgresql
Definition Synopsis:
Oracle Linux 5.x rpm test postgresql-contrib is earlier than 0:8.1.23-10.el5_10 AND postgresql-docs is earlier than 0:8.1.23-10.el5_10 AND postgresql-devel is earlier than 0:8.1.23-10.el5_10 AND postgresql is earlier than 0:8.1.23-10.el5_10 AND postgresql-test is earlier than 0:8.1.23-10.el5_10 AND postgresql-pl is earlier than 0:8.1.23-10.el5_10 AND postgresql-python is earlier than 0:8.1.23-10.el5_10 AND postgresql-tcl is earlier than 0:8.1.23-10.el5_10 AND postgresql-server is earlier than 0:8.1.23-10.el5_10 AND postgresql-libs is earlier than 0:8.1.23-10.el5_10

Definition Id: oval:org.mitre.oval:def:24114

Oval ID:	oval:org.mitre.oval:def:24114
Title:	DEPRECATED: ELSA-2014:0211: postgresql84 and postgresql security update (Important)
Description:	The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0211-00 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	12
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	postgresql84 postgresql
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test postgresql84-python is earlier than 0:8.4.20-1.el5_10 AND postgresql84-devel is earlier than 0:8.4.20-1.el5_10 AND postgresql84-tcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-docs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-pltcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-server is earlier than 0:8.4.20-1.el5_10 AND postgresql84-test is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plpython is earlier than 0:8.4.20-1.el5_10 AND postgresql84-libs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-contrib is earlier than 0:8.4.20-1.el5_10 AND postgresql84 is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plperl is earlier than 0:8.4.20-1.el5_10 OR rpm test Oracle Linux 6.x AND rpm test postgresql-contrib is earlier than 0:8.4.20-1.el6_5 AND postgresql-libs is earlier than 0:8.4.20-1.el6_5 AND postgresql-docs is earlier than 0:8.4.20-1.el6_5 AND postgresql-server is earlier than 0:8.4.20-1.el6_5 AND postgresql-test is earlier than 0:8.4.20-1.el6_5 AND postgresql-devel is earlier than 0:8.4.20-1.el6_5 AND postgresql-plperl is earlier than 0:8.4.20-1.el6_5 AND postgresql-pltcl is earlier than 0:8.4.20-1.el6_5 AND postgresql-plpython is earlier than 0:8.4.20-1.el6_5 AND postgresql is earlier than 0:8.4.20-1.el6_5

Definition Id: oval:org.mitre.oval:def:24127

Oval ID:	oval:org.mitre.oval:def:24127
Title:	RHSA-2014:0211: postgresql84 and postgresql security update (Important)
Description:	PostgreSQL is an advanced object-relational database management system (DBMS). Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0063) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in various type input functions in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0064) Multiple potential buffer overflow flaws were found in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0065) It was found that granting an SQL role to a database user in a PostgreSQL database without specifying the "ADMIN" option allowed the grantee to remove other users from their granted role. An authenticated database user could use this flaw to remove a user from an SQL role which they were granted access to. (CVE-2014-0060) A flaw was found in the validator functions provided by PostgreSQL's procedural languages (PLs). An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0061) A race condition was found in the way the CREATE INDEX command performed multiple independent lookups of a table that had to be indexed. An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0062) It was found that the chkpass extension of PostgreSQL did not check the return value of the crypt() function. An authenticated database user could possibly use this flaw to crash PostgreSQL via a null pointer dereference. (CVE-2014-0066) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Noah Misch as the original reporter of CVE-2014-0060 and CVE-2014-0063, Heikki Linnakangas and Noah Misch as the original reporters of CVE-2014-0064, Peter Eisentraut and Jozef Mlich as the original reporters of CVE-2014-0065, Andres Freund as the original reporter of CVE-2014-0061, Robert Haas and Andres Freund as the original reporters of CVE-2014-0062, and Honza Horak and Bruce Momjian as the original reporters of CVE-2014-0066. These updated packages upgrade PostgreSQL to version 8.4.20, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0211-00 CESA-2014:0211 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	21
Platform(s):	Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6	Product(s):	postgresql84 postgresql
Definition Synopsis:
Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section postgresql84-python is earlier than 0:8.4.20-1.el5_10 AND postgresql84-devel is earlier than 0:8.4.20-1.el5_10 AND postgresql84-tcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-docs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-pltcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-server is earlier than 0:8.4.20-1.el5_10 AND postgresql84-test is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plpython is earlier than 0:8.4.20-1.el5_10 AND postgresql84-libs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-contrib is earlier than 0:8.4.20-1.el5_10 AND postgresql84 is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plperl is earlier than 0:8.4.20-1.el5_10 AND Operation system section Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section postgresql-contrib is earlier than 0:8.4.20-1.el6_5 AND postgresql-libs is earlier than 0:8.4.20-1.el6_5 AND postgresql-docs is earlier than 0:8.4.20-1.el6_5 AND postgresql-server is earlier than 0:8.4.20-1.el6_5 AND postgresql-test is earlier than 0:8.4.20-1.el6_5 AND postgresql-devel is earlier than 0:8.4.20-1.el6_5 AND postgresql-plperl is earlier than 0:8.4.20-1.el6_5 AND postgresql-pltcl is earlier than 0:8.4.20-1.el6_5 AND postgresql-plpython is earlier than 0:8.4.20-1.el6_5 AND postgresql is earlier than 0:8.4.20-1.el6_5

Definition Id: oval:org.mitre.oval:def:24230

Oval ID:	oval:org.mitre.oval:def:24230
Title:	RHSA-2014:0249: postgresql security update (Important)
Description:	PostgreSQL is an advanced object-relational database management system (DBMS). Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0063) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in various type input functions in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0064) Multiple potential buffer overflow flaws were found in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0065) It was found that granting an SQL role to a database user in a PostgreSQL database without specifying the "ADMIN" option allowed the grantee to remove other users from their granted role. An authenticated database user could use this flaw to remove a user from an SQL role which they were granted access to. (CVE-2014-0060) A flaw was found in the validator functions provided by PostgreSQL's procedural languages (PLs). An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0061) A race condition was found in the way the CREATE INDEX command performed multiple independent lookups of a table that had to be indexed. An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0062) It was found that the chkpass extension of PostgreSQL did not check the return value of the crypt() function. An authenticated database user could possibly use this flaw to crash PostgreSQL via a null pointer dereference. (CVE-2014-0066) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Noah Misch as the original reporter of CVE-2014-0060 and CVE-2014-0063, Heikki Linnakangas and Noah Misch as the original reporters of CVE-2014-0064, Peter Eisentraut and Jozef Mlich as the original reporters of CVE-2014-0065, Andres Freund as the original reporter of CVE-2014-0061, Robert Haas and Andres Freund as the original reporters of CVE-2014-0062, and Honza Horak and Bruce Momjian as the original reporters of CVE-2014-0066. These updated packages upgrade PostgreSQL to version 8.4.20, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:0249-00 CESA-2014:0249 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	21
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	postgresql
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section postgresql-contrib is earlier than 0:8.1.23-10.el5_10 AND postgresql-docs is earlier than 0:8.1.23-10.el5_10 AND postgresql-devel is earlier than 0:8.1.23-10.el5_10 AND postgresql is earlier than 0:8.1.23-10.el5_10 AND postgresql-test is earlier than 0:8.1.23-10.el5_10 AND postgresql-pl is earlier than 0:8.1.23-10.el5_10 AND postgresql-python is earlier than 0:8.1.23-10.el5_10 AND postgresql-tcl is earlier than 0:8.1.23-10.el5_10 AND postgresql-server is earlier than 0:8.1.23-10.el5_10 AND postgresql-libs is earlier than 0:8.1.23-10.el5_10

Definition Id: oval:org.mitre.oval:def:24345

Oval ID:	oval:org.mitre.oval:def:24345
Title:	USN-2120-1 -- postgresql-8.4, postgresql-9.1 vulnerabilities
Description:	Several security issues were fixed in PostgreSQL.
Family:	unix	Class:	patch
Reference(s):	USN-2120-1 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	5
Platform(s):	Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04	Product(s):	postgresql-9.1 postgresql-8.4
Definition Synopsis:
Ubuntu 13.10 release section Ubuntu 13.10 is installed AND postgresql-9.1 DPKG is earlier than 0:9.1.12-0ubuntu0.13.10 AND Ubuntu 12.10 release section Ubuntu 12.10 is installed AND postgresql-9.1 DPKG is earlier than 0:9.1.12-0ubuntu0.12.10 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND postgresql-9.1 DPKG is earlier than 0:9.1.12-0ubuntu0.12.04 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND postgresql-8.4 DPKG is earlier than 0:8.4.20-0ubuntu010.04

Definition Id: oval:org.mitre.oval:def:24493

Oval ID:	oval:org.mitre.oval:def:24493
Title:	ELSA-2014:0211: postgresql84 and postgresql security update (Important)
Description:	PostgreSQL is an advanced object-relational database management system (DBMS). Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0063) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in various type input functions in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0064) Multiple potential buffer overflow flaws were found in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0065) It was found that granting an SQL role to a database user in a PostgreSQL database without specifying the "ADMIN" option allowed the grantee to remove other users from their granted role. An authenticated database user could use this flaw to remove a user from an SQL role which they were granted access to. (CVE-2014-0060) A flaw was found in the validator functions provided by PostgreSQL's procedural languages (PLs). An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0061) A race condition was found in the way the CREATE INDEX command performed multiple independent lookups of a table that had to be indexed. An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0062) It was found that the chkpass extension of PostgreSQL did not check the return value of the crypt() function. An authenticated database user could possibly use this flaw to crash PostgreSQL via a null pointer dereference. (CVE-2014-0066) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Noah Misch as the original reporter of CVE-2014-0060 and CVE-2014-0063, Heikki Linnakangas and Noah Misch as the original reporters of CVE-2014-0064, Peter Eisentraut and Jozef Mlich as the original reporters of CVE-2014-0065, Andres Freund as the original reporter of CVE-2014-0061, Robert Haas and Andres Freund as the original reporters of CVE-2014-0062, and Honza Horak and Bruce Momjian as the original reporters of CVE-2014-0066. These updated packages upgrade PostgreSQL to version 8.4.20, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
Family:	unix	Class:	patch
Reference(s):	ELSA-2014:0211-00 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	11
Platform(s):	Oracle Linux 6 Oracle Linux 5	Product(s):	postgresql84 postgresql
Definition Synopsis:
rpm test Oracle Linux 5.x AND rpm test postgresql84-python is earlier than 0:8.4.20-1.el5_10 AND postgresql84-devel is earlier than 0:8.4.20-1.el5_10 AND postgresql84-tcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-docs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-pltcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-server is earlier than 0:8.4.20-1.el5_10 AND postgresql84-test is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plpython is earlier than 0:8.4.20-1.el5_10 AND postgresql84-libs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-contrib is earlier than 0:8.4.20-1.el5_10 AND postgresql84 is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plperl is earlier than 0:8.4.20-1.el5_10 OR rpm test Oracle Linux 6.x AND rpm test postgresql-contrib is earlier than 0:8.4.20-1.el6_5 AND postgresql-libs is earlier than 0:8.4.20-1.el6_5 AND postgresql-docs is earlier than 0:8.4.20-1.el6_5 AND postgresql-server is earlier than 0:8.4.20-1.el6_5 AND postgresql-test is earlier than 0:8.4.20-1.el6_5 AND postgresql-devel is earlier than 0:8.4.20-1.el6_5 AND postgresql-plperl is earlier than 0:8.4.20-1.el6_5 AND postgresql-pltcl is earlier than 0:8.4.20-1.el6_5 AND postgresql-plpython is earlier than 0:8.4.20-1.el6_5 AND postgresql is earlier than 0:8.4.20-1.el6_5

Definition Id: oval:org.mitre.oval:def:27322

Oval ID:	oval:org.mitre.oval:def:27322
Title:	DEPRECATED: ELSA-2014-0211 -- postgresql84 and postgresql security update (important)
Description:	[8.4.20-1] - Update to PostgreSQL 8.4.20 (#1065843) for fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0211 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	4
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	postgresql84 postgresql
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section postgresql84 is earlier than 0:8.4.20-1.el5_10 AND postgresql84-contrib is earlier than 0:8.4.20-1.el5_10 AND postgresql84-devel is earlier than 0:8.4.20-1.el5_10 AND postgresql84-docs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-libs is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plperl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-plpython is earlier than 0:8.4.20-1.el5_10 AND postgresql84-pltcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-python is earlier than 0:8.4.20-1.el5_10 AND postgresql84-server is earlier than 0:8.4.20-1.el5_10 AND postgresql84-tcl is earlier than 0:8.4.20-1.el5_10 AND postgresql84-test is earlier than 0:8.4.20-1.el5_10 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section postgresql is earlier than 0:8.4.20-1.el6_5 AND postgresql-contrib is earlier than 0:8.4.20-1.el6_5 AND postgresql-devel is earlier than 0:8.4.20-1.el6_5 AND postgresql-docs is earlier than 0:8.4.20-1.el6_5 AND postgresql-libs is earlier than 0:8.4.20-1.el6_5 AND postgresql-plperl is earlier than 0:8.4.20-1.el6_5 AND postgresql-plpython is earlier than 0:8.4.20-1.el6_5 AND postgresql-pltcl is earlier than 0:8.4.20-1.el6_5 AND postgresql-server is earlier than 0:8.4.20-1.el6_5 AND postgresql-test is earlier than 0:8.4.20-1.el6_5

Definition Id: oval:org.mitre.oval:def:27336

Oval ID:	oval:org.mitre.oval:def:27336
Title:	DEPRECATED: ELSA-2014-0249 -- postgresql security update (important)
Description:	[8.1.23-10] - related #1065840: CVE-2014-0062 [8.1.23-9] - fix #1065840: CVE-2014-0060, CVE-2014-0061, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065 - better incorporate strlcpy function (upstream git diff c92f7e..062421)
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-0249 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	postgresql
Definition Synopsis:
Oracle Linux 5.x Packages match section postgresql is earlier than 0:8.1.23-10.el5_10 AND postgresql-contrib is earlier than 0:8.1.23-10.el5_10 AND postgresql-devel is earlier than 0:8.1.23-10.el5_10 AND postgresql-docs is earlier than 0:8.1.23-10.el5_10 AND postgresql-libs is earlier than 0:8.1.23-10.el5_10 AND postgresql-pl is earlier than 0:8.1.23-10.el5_10 AND postgresql-python is earlier than 0:8.1.23-10.el5_10 AND postgresql-server is earlier than 0:8.1.23-10.el5_10 AND postgresql-tcl is earlier than 0:8.1.23-10.el5_10 AND postgresql-test is earlier than 0:8.1.23-10.el5_10

CPE : Common Platform Enumeration

Type	Description	Count
Application	Postgresql cpe:2.3:a:postgresql:postgresql:9.3.2:::::::* cpe:2.3:a:postgresql:postgresql:9.3.1:::::::* cpe:2.3:a:postgresql:postgresql:9.3:::::::* cpe:2.3:a:postgresql:postgresql:9.2.6:::::::* cpe:2.3:a:postgresql:postgresql:9.2.5:::::::* cpe:2.3:a:postgresql:postgresql:9.2.4:::::::* cpe:2.3:a:postgresql:postgresql:9.2.3:::::::* cpe:2.3:a:postgresql:postgresql:9.2.2:::::::* cpe:2.3:a:postgresql:postgresql:9.2.1:::::::* cpe:2.3:a:postgresql:postgresql:9.2:::::::* cpe:2.3:a:postgresql:postgresql:9.1.9:::::::* cpe:2.3:a:postgresql:postgresql:9.1.8:::::::* cpe:2.3:a:postgresql:postgresql:9.1.7:::::::* cpe:2.3:a:postgresql:postgresql:9.1.6:::::::* cpe:2.3:a:postgresql:postgresql:9.1.5:::::::* cpe:2.3:a:postgresql:postgresql:9.1.4:::::::* cpe:2.3:a:postgresql:postgresql:9.1.3:::::::* cpe:2.3:a:postgresql:postgresql:9.1.2:::::::* cpe:2.3:a:postgresql:postgresql:9.1.11:::::::* cpe:2.3:a:postgresql:postgresql:9.1.10:::::::* cpe:2.3:a:postgresql:postgresql:9.1.1:::::::* cpe:2.3:a:postgresql:postgresql:9.1:::::::* cpe:2.3:a:postgresql:postgresql:9.0.9:::::::* cpe:2.3:a:postgresql:postgresql:9.0.8:::::::* cpe:2.3:a:postgresql:postgresql:9.0.7:::::::* cpe:2.3:a:postgresql:postgresql:9.0.6:::::::* cpe:2.3:a:postgresql:postgresql:9.0.5:::::::* cpe:2.3:a:postgresql:postgresql:9.0.4:::::::* cpe:2.3:a:postgresql:postgresql:9.0.3:::::::* cpe:2.3:a:postgresql:postgresql:9.0.2:::::::* cpe:2.3:a:postgresql:postgresql:9.0.15:::::::* cpe:2.3:a:postgresql:postgresql:9.0.14:::::::* cpe:2.3:a:postgresql:postgresql:9.0.13:::::::* cpe:2.3:a:postgresql:postgresql:9.0.12:::::::* cpe:2.3:a:postgresql:postgresql:9.0.11:::::::* cpe:2.3:a:postgresql:postgresql:9.0.10:::::::* cpe:2.3:a:postgresql:postgresql:9.0.1:::::::* cpe:2.3:a:postgresql:postgresql:9.0:::::::* cpe:2.3:a:postgresql:postgresql:8.4.9:::::::* cpe:2.3:a:postgresql:postgresql:8.4.8:::::::* cpe:2.3:a:postgresql:postgresql:8.4.7:::::::* cpe:2.3:a:postgresql:postgresql:8.4.6:::::::* cpe:2.3:a:postgresql:postgresql:8.4.5:::::::* cpe:2.3:a:postgresql:postgresql:8.4.4:::::::* cpe:2.3:a:postgresql:postgresql:8.4.3:::::::* cpe:2.3:a:postgresql:postgresql:8.4.2:::::::* cpe:2.3:a:postgresql:postgresql:8.4.19:::::::* cpe:2.3:a:postgresql:postgresql:8.4.18:::::::* cpe:2.3:a:postgresql:postgresql:8.4.17:::::::* cpe:2.3:a:postgresql:postgresql:8.4.16:::::::* cpe:2.3:a:postgresql:postgresql:8.4.15:::::::* cpe:2.3:a:postgresql:postgresql:8.4.14:::::::* cpe:2.3:a:postgresql:postgresql:8.4.13:::::::* cpe:2.3:a:postgresql:postgresql:8.4.12:::::::* cpe:2.3:a:postgresql:postgresql:8.4.11:::::::* cpe:2.3:a:postgresql:postgresql:8.4.10:::::::* cpe:2.3:a:postgresql:postgresql:8.4.1:::::::* cpe:2.3:a:postgresql:postgresql:8.4.0:::::::* cpe:2.3:a:postgresql:postgresql:8.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.9:::::::* cpe:2.3:a:postgresql:postgresql:8.3.8:::::::* cpe:2.3:a:postgresql:postgresql:8.3.7:::::::* cpe:2.3:a:postgresql:postgresql:8.3.6:::::::* cpe:2.3:a:postgresql:postgresql:8.3.5:::::::* cpe:2.3:a:postgresql:postgresql:8.3.4:::::::* cpe:2.3:a:postgresql:postgresql:8.3.3:::::::* cpe:2.3:a:postgresql:postgresql:8.3.23:::::::* cpe:2.3:a:postgresql:postgresql:8.3.22:::::::* cpe:2.3:a:postgresql:postgresql:8.3.21:::::::* cpe:2.3:a:postgresql:postgresql:8.3.20:::::::* cpe:2.3:a:postgresql:postgresql:8.3.2:::::::* cpe:2.3:a:postgresql:postgresql:8.3.19:::::::* cpe:2.3:a:postgresql:postgresql:8.3.18:::::::* cpe:2.3:a:postgresql:postgresql:8.3.17:::::::* cpe:2.3:a:postgresql:postgresql:8.3.16:::::::* cpe:2.3:a:postgresql:postgresql:8.3.15:::::::* cpe:2.3:a:postgresql:postgresql:8.3.14:::::::* cpe:2.3:a:postgresql:postgresql:8.3.13:::::::* cpe:2.3:a:postgresql:postgresql:8.3.12:::::::* cpe:2.3:a:postgresql:postgresql:8.3.11:::::::* cpe:2.3:a:postgresql:postgresql:8.3.10:::::::* cpe:2.3:a:postgresql:postgresql:8.3.1:::::::* cpe:2.3:a:postgresql:postgresql:8.3.0:::::::* cpe:2.3:a:postgresql:postgresql:8.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.9:::::::* cpe:2.3:a:postgresql:postgresql:8.2.8:::::::* cpe:2.3:a:postgresql:postgresql:8.2.7:::::::* cpe:2.3:a:postgresql:postgresql:8.2.6:::::::* cpe:2.3:a:postgresql:postgresql:8.2.5:::::::* cpe:2.3:a:postgresql:postgresql:8.2.4:::::::* cpe:2.3:a:postgresql:postgresql:8.2.3:::::::* cpe:2.3:a:postgresql:postgresql:8.2.23:::::::* cpe:2.3:a:postgresql:postgresql:8.2.22:::::::* cpe:2.3:a:postgresql:postgresql:8.2.21:::::::* cpe:2.3:a:postgresql:postgresql:8.2.20:::::::* cpe:2.3:a:postgresql:postgresql:8.2.2:::::::* cpe:2.3:a:postgresql:postgresql:8.2.19:::::::* cpe:2.3:a:postgresql:postgresql:8.2.18:::::::* cpe:2.3:a:postgresql:postgresql:8.2.17:::::::* cpe:2.3:a:postgresql:postgresql:8.2.16:::::::* cpe:2.3:a:postgresql:postgresql:8.2.15:::::::* cpe:2.3:a:postgresql:postgresql:8.2.14:::::::* cpe:2.3:a:postgresql:postgresql:8.2.13:::::::* cpe:2.3:a:postgresql:postgresql:8.2.12:::::::* cpe:2.3:a:postgresql:postgresql:8.2.11:::::::* cpe:2.3:a:postgresql:postgresql:8.2.10:::::::* cpe:2.3:a:postgresql:postgresql:8.2.1:::::::* cpe:2.3:a:postgresql:postgresql:8.2.0:::::::* cpe:2.3:a:postgresql:postgresql:8.2:::::::* cpe:2.3:a:postgresql:postgresql:8.1.9:::::::* cpe:2.3:a:postgresql:postgresql:8.1.8:::::::* cpe:2.3:a:postgresql:postgresql:8.1.7:::::::* cpe:2.3:a:postgresql:postgresql:8.1.6:::::::* cpe:2.3:a:postgresql:postgresql:8.1.5:::::::* cpe:2.3:a:postgresql:postgresql:8.1.4:::::::* cpe:2.3:a:postgresql:postgresql:8.1.3:::::::* cpe:2.3:a:postgresql:postgresql:8.1.23:::::::* cpe:2.3:a:postgresql:postgresql:8.1.22:::::::* cpe:2.3:a:postgresql:postgresql:8.1.21:::::::* cpe:2.3:a:postgresql:postgresql:8.1.20:::::::* cpe:2.3:a:postgresql:postgresql:8.1.2:::::::* cpe:2.3:a:postgresql:postgresql:8.1.19:::::::* cpe:2.3:a:postgresql:postgresql:8.1.18:::::::* cpe:2.3:a:postgresql:postgresql:8.1.17:::::::* cpe:2.3:a:postgresql:postgresql:8.1.16:::::::* cpe:2.3:a:postgresql:postgresql:8.1.15:::::::* cpe:2.3:a:postgresql:postgresql:8.1.14:::::::* cpe:2.3:a:postgresql:postgresql:8.1.13:::::::* cpe:2.3:a:postgresql:postgresql:8.1.12:::::::* cpe:2.3:a:postgresql:postgresql:8.1.11:::::::* cpe:2.3:a:postgresql:postgresql:8.1.10:::::::* cpe:2.3:a:postgresql:postgresql:8.1.1:::::::* cpe:2.3:a:postgresql:postgresql:8.1.0:::::::* cpe:2.3:a:postgresql:postgresql:8.1:::::::* cpe:2.3:a:postgresql:postgresql:8.0.9:::::::* cpe:2.3:a:postgresql:postgresql:8.0.8:::::::* cpe:2.3:a:postgresql:postgresql:8.0.7:::::::* cpe:2.3:a:postgresql:postgresql:8.0.6:::::::* cpe:2.3:a:postgresql:postgresql:8.0.5:::::::* cpe:2.3:a:postgresql:postgresql:8.0.4:::::::* cpe:2.3:a:postgresql:postgresql:8.0.317:::::::* cpe:2.3:a:postgresql:postgresql:8.0.3:::::::* cpe:2.3:a:postgresql:postgresql:8.0.26:::::::* cpe:2.3:a:postgresql:postgresql:8.0.25:::::::* cpe:2.3:a:postgresql:postgresql:8.0.24:::::::* cpe:2.3:a:postgresql:postgresql:8.0.23:::::::* cpe:2.3:a:postgresql:postgresql:8.0.22:::::::* cpe:2.3:a:postgresql:postgresql:8.0.21:::::::* cpe:2.3:a:postgresql:postgresql:8.0.20:::::::* cpe:2.3:a:postgresql:postgresql:8.0.2:::::::* cpe:2.3:a:postgresql:postgresql:8.0.19:::::::* cpe:2.3:a:postgresql:postgresql:8.0.18:::::::* cpe:2.3:a:postgresql:postgresql:8.0.17:::::::* cpe:2.3:a:postgresql:postgresql:8.0.16:::::::* cpe:2.3:a:postgresql:postgresql:8.0.15:::::::* cpe:2.3:a:postgresql:postgresql:8.0.14:::::::* cpe:2.3:a:postgresql:postgresql:8.0.13:::::::* cpe:2.3:a:postgresql:postgresql:8.0.12:::::::* cpe:2.3:a:postgresql:postgresql:8.0.11:::::::* cpe:2.3:a:postgresql:postgresql:8.0.10:::::::* cpe:2.3:a:postgresql:postgresql:8.0.1:::::::* cpe:2.3:a:postgresql:postgresql:8.0.0:::::::* cpe:2.3:a:postgresql:postgresql:8.0:::::::* cpe:2.3:a:postgresql:postgresql:7.4.9:::::::* cpe:2.3:a:postgresql:postgresql:7.4.8:::::::* cpe:2.3:a:postgresql:postgresql:7.4.7:::::::* cpe:2.3:a:postgresql:postgresql:7.4.6:::::::* cpe:2.3:a:postgresql:postgresql:7.4.5:::::::* cpe:2.3:a:postgresql:postgresql:7.4.4:::::::* cpe:2.3:a:postgresql:postgresql:7.4.30:::::::* cpe:2.3:a:postgresql:postgresql:7.4.3:::::::* cpe:2.3:a:postgresql:postgresql:7.4.29:::::::* cpe:2.3:a:postgresql:postgresql:7.4.28:::::::* cpe:2.3:a:postgresql:postgresql:7.4.27:::::::* cpe:2.3:a:postgresql:postgresql:7.4.26:::::::* cpe:2.3:a:postgresql:postgresql:7.4.25:::::::* cpe:2.3:a:postgresql:postgresql:7.4.24:::::::* cpe:2.3:a:postgresql:postgresql:7.4.23:::::::* cpe:2.3:a:postgresql:postgresql:7.4.22:::::::* cpe:2.3:a:postgresql:postgresql:7.4.21:::::::* cpe:2.3:a:postgresql:postgresql:7.4.20:::::::* cpe:2.3:a:postgresql:postgresql:7.4.2:::::::* cpe:2.3:a:postgresql:postgresql:7.4.19:::::::* cpe:2.3:a:postgresql:postgresql:7.4.18:::::::* cpe:2.3:a:postgresql:postgresql:7.4.17:::::::* cpe:2.3:a:postgresql:postgresql:7.4.16:::::::* cpe:2.3:a:postgresql:postgresql:7.4.15:::::::* cpe:2.3:a:postgresql:postgresql:7.4.14:::::::* cpe:2.3:a:postgresql:postgresql:7.4.13:::::::* cpe:2.3:a:postgresql:postgresql:7.4.12:::::::* cpe:2.3:a:postgresql:postgresql:7.4.11:::::::* cpe:2.3:a:postgresql:postgresql:7.4.10:::::::* cpe:2.3:a:postgresql:postgresql:7.4.1:::::::* cpe:2.3:a:postgresql:postgresql:7.4:::::::* cpe:2.3:a:postgresql:postgresql:7.3.9:::::::* cpe:2.3:a:postgresql:postgresql:7.3.8:::::::* cpe:2.3:a:postgresql:postgresql:7.3.7:::::::* cpe:2.3:a:postgresql:postgresql:7.3.6:::::::* cpe:2.3:a:postgresql:postgresql:7.3.5:::::::* cpe:2.3:a:postgresql:postgresql:7.3.4:::::::* cpe:2.3:a:postgresql:postgresql:7.3.3:::::::* cpe:2.3:a:postgresql:postgresql:7.3.21:::::::* cpe:2.3:a:postgresql:postgresql:7.3.20:::::::* cpe:2.3:a:postgresql:postgresql:7.3.2:::::::* cpe:2.3:a:postgresql:postgresql:7.3.19:::::::* cpe:2.3:a:postgresql:postgresql:7.3.18:::::::* cpe:2.3:a:postgresql:postgresql:7.3.17:::::::* cpe:2.3:a:postgresql:postgresql:7.3.16:::::::* cpe:2.3:a:postgresql:postgresql:7.3.15:::::::* cpe:2.3:a:postgresql:postgresql:7.3.14:::::::* cpe:2.3:a:postgresql:postgresql:7.3.13:::::::* cpe:2.3:a:postgresql:postgresql:7.3.12:::::::* cpe:2.3:a:postgresql:postgresql:7.3.11:::::::* cpe:2.3:a:postgresql:postgresql:7.3.10:::::::* cpe:2.3:a:postgresql:postgresql:7.3.1:::::::* cpe:2.3:a:postgresql:postgresql:7.3.0:::::::* cpe:2.3:a:postgresql:postgresql:7.3:::::::* cpe:2.3:a:postgresql:postgresql:7.2.8:::::::* cpe:2.3:a:postgresql:postgresql:7.2.7:::::::* cpe:2.3:a:postgresql:postgresql:7.2.6:::::::* cpe:2.3:a:postgresql:postgresql:7.2.5:::::::* cpe:2.3:a:postgresql:postgresql:7.2.4:::::::* cpe:2.3:a:postgresql:postgresql:7.2.3:::::::* cpe:2.3:a:postgresql:postgresql:7.2.2:::::::* cpe:2.3:a:postgresql:postgresql:7.2.1:::::::* cpe:2.3:a:postgresql:postgresql:7.2:::::::* cpe:2.3:a:postgresql:postgresql:7.1.3:::::::* cpe:2.3:a:postgresql:postgresql:7.1.2:::::::* cpe:2.3:a:postgresql:postgresql:7.1.1:::::::* cpe:2.3:a:postgresql:postgresql:7.1:::::::* cpe:2.3:a:postgresql:postgresql:7.0.3:::::::* cpe:2.3:a:postgresql:postgresql:7.0.2:::::::* cpe:2.3:a:postgresql:postgresql:7.0.1:::::::* cpe:2.3:a:postgresql:postgresql:7.0:::::::* cpe:2.3:a:postgresql:postgresql:6.5.3.1:::::::* cpe:2.3:a:postgresql:postgresql:6.5.3:::::::* cpe:2.3:a:postgresql:postgresql:6.5.2:::::::* cpe:2.3:a:postgresql:postgresql:6.5.1:::::::* cpe:2.3:a:postgresql:postgresql:6.5.0:::::::* cpe:2.3:a:postgresql:postgresql:6.5:::::::* cpe:2.3:a:postgresql:postgresql:6.4.2:::::::* cpe:2.3:a:postgresql:postgresql:6.4.1:::::::* cpe:2.3:a:postgresql:postgresql:6.4:::::::* cpe:2.3:a:postgresql:postgresql:6.3.2:::::::* cpe:2.3:a:postgresql:postgresql:6.3.1:::::::* cpe:2.3:a:postgresql:postgresql:6.3:::::::* cpe:2.3:a:postgresql:postgresql:6.2.1:::::::* cpe:2.3:a:postgresql:postgresql:6.2:::::::* cpe:2.3:a:postgresql:postgresql:6.1.1:::::::* cpe:2.3:a:postgresql:postgresql:6.1:::::::* cpe:2.3:a:postgresql:postgresql:6.0:::::::* cpe:2.3:a:postgresql:postgresql:1.09:::::::* cpe:2.3:a:postgresql:postgresql:1.08:::::::* cpe:2.3:a:postgresql:postgresql:1.02:::::::* cpe:2.3:a:postgresql:postgresql:1.01:::::::* cpe:2.3:a:postgresql:postgresql:1.0:::::::* cpe:2.3:a:postgresql:postgresql:::::::: cpe:2.3:a:postgresql:postgresql:-:::::debian:: cpe:2.3:a:postgresql:postgresql:-:::::ubuntu:: cpe:2.3:a:postgresql:postgresql:-:::::::*	260

Information Assurance Vulnerability Management (IAVM)

Date	Description
2014-02-27	IAVM : 2014-B-0022 - Multiple Vulnerabilities in PostgreSQL Severity : Category I - VMSKEY : V0044531

Nessus® Vulnerability Scanner

Date	Description
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-110.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote host is missing a security update for OS X Server. File : macosx_server_4_0.nasl - Type : ACT_GATHER_INFO
2014-09-19	Name : The remote host is missing a security update for OS X Server. File : macosx_server_3_2_1.nasl - Type : ACT_GATHER_INFO
2014-08-30	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201408-15.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-192.nasl - Type : ACT_GATHER_INFO
2014-03-31	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libecpg6-140303.nasl - Type : ACT_GATHER_INFO
2014-03-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-306.nasl - Type : ACT_GATHER_INFO
2014-03-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-305.nasl - Type : ACT_GATHER_INFO
2014-03-07	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0221.nasl - Type : ACT_GATHER_INFO
2014-03-05	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0249.nasl - Type : ACT_GATHER_INFO
2014-03-05	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140304_postgresql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-05	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0249.nasl - Type : ACT_GATHER_INFO
2014-03-05	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0249.nasl - Type : ACT_GATHER_INFO
2014-02-26	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140225_postgresql84_and_postgresql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-02-26	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0211.nasl - Type : ACT_GATHER_INFO
2014-02-26	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0211.nasl - Type : ACT_GATHER_INFO
2014-02-26	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0211.nasl - Type : ACT_GATHER_INFO
2014-02-25	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2120-1.nasl - Type : ACT_GATHER_INFO
2014-02-24	Name : The remote database server is affected by multiple vulnerabilities. File : postgresql_20140220.nasl - Type : ACT_GATHER_INFO
2014-02-23	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-047.nasl - Type : ACT_GATHER_INFO
2014-02-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2864.nasl - Type : ACT_GATHER_INFO
2014-02-21	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_42d420909a4d11e3b02908002798f6ff.nasl - Type : ACT_GATHER_INFO
2014-02-21	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2865.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
APPLE	http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
CONFIRM	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://support.apple.com/kb/HT6448 http://wiki.postgresql.org/wiki/20140220securityrelease http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.postgresql.org/about/news/1506/ https://support.apple.com/kb/HT6536
DEBIAN	http://www.debian.org/security/2014/dsa-2864 http://www.debian.org/security/2014/dsa-2865
REDHAT	http://rhn.redhat.com/errata/RHSA-2014-0211.html http://rhn.redhat.com/errata/RHSA-2014-0221.html http://rhn.redhat.com/errata/RHSA-2014-0249.html http://rhn.redhat.com/errata/RHSA-2014-0469.html
SUSE	http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html
UBUNTU	http://www.ubuntu.com/usn/USN-2120-1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-02-13 05:28:22	Multiple Updates
2023-02-02 21:28:33	Multiple Updates
2021-05-04 12:29:20	Multiple Updates
2021-04-22 01:35:37	Multiple Updates
2020-05-23 01:50:39	Multiple Updates
2020-05-23 00:39:17	Multiple Updates
2019-06-14 12:05:38	Multiple Updates
2019-06-13 12:05:51	Multiple Updates
2018-10-19 12:05:32	Multiple Updates
2018-03-27 12:00:53	Multiple Updates
2017-12-19 13:23:50	Multiple Updates
2017-12-16 09:21:39	Multiple Updates
2017-12-09 12:04:14	Multiple Updates
2017-10-20 09:22:59	Multiple Updates
2016-12-08 09:23:29	Multiple Updates
2016-06-28 22:29:49	Multiple Updates
2016-04-27 00:01:52	Multiple Updates
2015-03-31 13:28:08	Multiple Updates
2014-10-24 13:26:09	Multiple Updates
2014-10-22 13:25:42	Multiple Updates
2014-09-23 13:27:46	Multiple Updates
2014-09-20 13:25:15	Multiple Updates
2014-08-31 13:24:59	Multiple Updates
2014-06-14 13:36:50	Multiple Updates
2014-05-20 09:21:11	Multiple Updates
2014-04-03 21:22:16	Multiple Updates
2014-04-01 14:40:34	Multiple Updates
2014-04-01 14:39:25	Multiple Updates
2014-03-31 21:21:49	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	8
CPE ID(s)	260
Sources(s)	16
IAVM(s)	1
Nessus® Exploit(s)	23

	Related
8.5	GLSA-201408-15
6.5	USN-2120-1
6.5	RHSA-2014:0249
6.5	RHSA-2014:0221
6.5	RHSA-2014:0211
6.5	MDVSA-2015:110
6.5	MDVSA-2014:047
6.5	DSA-2865
6.5	DSA-2864
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)

4 - CVE-2014-0066

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Information Assurance Vulnerability Management (IAVM)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU