Executive Summary

Title postgresql-common vulnerability
NameUSN-4194-2First vendor Publication2019-12-03
VendorUbuntuLast vendor Modification2019-12-03
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores


A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM


postgresql-common could be made to create arbitrary directories.

Software Description: - postgresql-common: PostgreSQL database-cluster manager


USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

テつ Rich Mirch discovered that the postgresql-common pg_ctlcluster script テつ incorrectly handled directory creation. A local attacker could possibly use テつ this issue to escalate privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM: テつ postgresql-commonテつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ テつ 154ubuntu1.1+esm1

In general, a standard system update will make all the necessary changes.

References: テつ https://usn.ubuntu.com/4194-2 テつ https://usn.ubuntu.com/4194-1 テつ CVE-2019-3466

Original Source

Url : http://www.ubuntu.com/usn/USN-4194-2

Alert History

If you want to see full details history, please login or register.
2019-12-03 21:19:40
  • First insertion