Executive Summary
Summary | |
---|---|
Title | Pike vulnerability |
Informations | |||
---|---|---|---|
Name | USN-367-1 | First vendor Publication | 2006-10-18 |
Vendor | Ubuntu | Last vendor Modification | 2006-10-18 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 5.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: An SQL injection was discovered in Pike's PostgreSQL module. Applications using a PostgreSQL database and uncommon character encodings could be fooled into running arbitrary SQL commands, which could result in privilege escalation within the application, application data exposure, or denial of service. Please refer to http://www.ubuntu.com/usn/usn-288-1 for more detailled information. |
Original Source
Url : http://www.ubuntu.com/usn/USN-367-1 |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-10 (pike) File : nvt/glsa_200608_10.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
26238 | Pike Unspecified SQL Injection |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-367-1.nasl - Type : ACT_GATHER_INFO |
2006-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-10.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:03:52 |
|
2013-05-11 12:25:38 |
|