Executive Summary
Summary | |
---|---|
Title | PostgreSQL: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-202003-03 | First vendor Publication | 2020-03-12 |
Vendor | Gentoo | Last vendor Modification | 2020-03-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in the execution of arbitrary code. Background Description Impact Workaround Resolution All PostgreSQL 9.5.x users should upgrade to the latest version: All PostgreSQL 9.6.x users should upgrade to the latest version: All PostgreSQL 10.x users should upgrade to the latest version: All PostgreSQL 11.x users should upgrade to the latest version: All PostgreSQL 12.x users should upgrade to the latest version: References Availability https://security.gentoo.org/glsa/202003-03 |
Original Source
Url : http://security.gentoo.org/glsa/glsa-202003-03.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
33 % | CWE-284 | Access Control (Authorization) Issues |
33 % | CWE-125 | Out-of-bounds Read |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52039 - Revision : 1 - Type : SERVER-OTHER |
2019-12-03 | PostgreSQL SCRAM authentication stack buffer overflow attempt RuleID : 52038 - Revision : 1 - Type : SERVER-OTHER |
Alert History
Date | Informations |
---|---|
2020-03-13 00:18:18 |
|