Vulnerabilities > CVE-2016-0773 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
postgresql
canonical
debian
CWE-119
nessus

Summary

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.

Vulnerable Configurations

Part Description Count
Application
Postgresql
290
OS
Canonical
3
OS
Debian
2

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160302_POSTGRESQL_ON_SL7_X.NASL
    descriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-03-18
    modified2016-03-03
    plugin id89099
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89099
    titleScientific Linux Security Update : postgresql on SL7.x x86_64 (20160302)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89099);
      script_version("2.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/25");
    
      script_cve_id("CVE-2016-0773");
    
      script_name(english:"Scientific Linux Security Update : postgresql on SL7.x x86_64 (20160302)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An integer overflow flaw, leading to a heap-based buffer overflow, was
    found in the PostgreSQL handling code for regular expressions. A
    remote attacker could use a specially crafted regular expression to
    cause PostgreSQL to crash or possibly execute arbitrary code.
    (CVE-2016-0773)
    
    If the postgresql service is running, it will be automatically
    restarted after installing this update."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1603&L=scientific-linux-errata&F=&S=&P=1782
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8577807f"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:postgresql-upgrade");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/03/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-contrib-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-debuginfo-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-devel-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-docs-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-libs-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-plperl-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-plpython-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-pltcl-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-server-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-test-9.2.15-1.el7_2")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"postgresql-upgrade-9.2.15-1.el7_2")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-debuginfo / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-E0A6C9EBC4.NASL
    descriptionminor versino rebase with security fix for CVE-2016-0773 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-03-04
    plugin id89623
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89623
    titleFedora 23 : postgresql-9.4.6-1.fc23 (2016-e0a6c9ebc4)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2016-e0a6c9ebc4.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89623);
      script_version("1.8");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-0773");
      script_xref(name:"FEDORA", value:"2016-e0a6c9ebc4");
    
      script_name(english:"Fedora 23 : postgresql-9.4.6-1.fc23 (2016-e0a6c9ebc4)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "minor versino rebase with security fix for CVE-2016-0773
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1303832"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2d4c0b83"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected postgresql package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:postgresql");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:23");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^23([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 23.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC23", reference:"postgresql-9.4.6-1.fc23")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0539-1.NASL
    descriptionThis update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen2020-06-01
    modified2020-06-02
    plugin id88891
    published2016-02-23
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88891
    titleSUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2016:0539-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:0539-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88891);
      script_version("2.19");
      script_cvs_date("Date: 2019/09/11 11:22:13");
    
      script_cve_id("CVE-2007-4772", "CVE-2016-0766", "CVE-2016-0773");
      script_bugtraq_id(27163);
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : postgresql93 (SUSE-SU-2016:0539-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for postgresql93 fixes the following issues :
    
      - Security and bugfix release 9.3.11 :
    
      - Fix infinite loops and buffer-overrun problems in
        regular expressions (CVE-2016-0773, bsc#966436).
    
      - Fix regular-expression compiler to handle loops of
        constraint arcs (CVE-2007-4772).
    
      - Prevent certain PL/Java parameters from being set by
        non-superusers (CVE-2016-0766, bsc#966435).
    
      - Fix many issues in pg_dump with specific object types
    
      - Prevent over-eager pushdown of HAVING clauses for
        GROUPING SETS
    
      - Fix deparsing error with ON CONFLICT ... WHERE clauses
    
      - Fix tableoid errors for postgres_fdw
    
      - Prevent floating-point exceptions in pgbench
    
      - Make \det search Foreign Table names consistently
    
      - Fix quoting of domain constraint names in pg_dump
    
      - Prevent putting expanded objects into Const nodes
    
      - Allow compile of PL/Java on Windows
    
      - Fix 'unresolved symbol' errors in PL/Python execution
    
      - Allow Python2 and Python3 to be used in the same
        database
    
      - Add support for Python 3.5 in PL/Python
    
      - Fix issue with subdirectory creation during initdb
    
      - Make pg_ctl report status correctly on Windows
    
      - Suppress confusing error when using pg_receivexlog with
        older servers
    
      - Multiple documentation corrections and additions
    
      - Fix erroneous hash calculations in
        gin_extract_jsonb_path()
    
      - For the full release notse, see:
        http://www.postgresql.org/docs/9.3/static/release-9-3-11
        .html
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://www.postgresql.org/docs/9.3/static/release-9-3-11.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.3/release-9-3-11.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=966435"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=966436"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2007-4772/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0766/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-0773/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20160539-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ffa9a769"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 12 :
    
    zypper in -t patch SUSE-SLE-SDK-12-2016-292=1
    
    SUSE Linux Enterprise Server 12 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-2016-292=1
    
    SUSE Linux Enterprise Desktop 12 :
    
    zypper in -t patch SUSE-SLE-DESKTOP-12-2016-292=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/01/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-debuginfo-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debuginfo-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debugsource-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-debuginfo-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"postgresql93-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"postgresql93-debuginfo-9.3.11-14.2")) flag++;
    if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"postgresql93-debugsource-9.3.11-14.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql93");
    }
    
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-689.NASL
    descriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id90631
    published2016-04-22
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90631
    titleAmazon Linux AMI : postgresql8 (ALAS-2016-689)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Amazon Linux AMI Security Advisory ALAS-2016-689.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(90631);
      script_version("2.3");
      script_cvs_date("Date: 2018/04/18 15:09:35");
    
      script_cve_id("CVE-2016-0773");
      script_xref(name:"ALAS", value:"2016-689");
    
      script_name(english:"Amazon Linux AMI : postgresql8 (ALAS-2016-689)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Amazon Linux AMI host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An integer overflow flaw, leading to a heap-based buffer overflow, was
    found in the PostgreSQL handling code for regular expressions. A
    remote attacker could use a specially crafted regular expression to
    cause PostgreSQL to crash or possibly execute arbitrary code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://alas.aws.amazon.com/ALAS-2016-689.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Run 'yum update postgresql8' to update your system."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-plperl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-plpython");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-pltcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:postgresql8-test");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.");
      script_family(english:"Amazon Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/AmazonLinux/release");
    if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
    os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
    os_ver = os_ver[1];
    if (os_ver != "A")
    {
      if (os_ver == 'A') os_ver = 'AMI';
      audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
    }
    
    if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (rpm_check(release:"ALA", reference:"postgresql8-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-contrib-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-debuginfo-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-devel-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-docs-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-libs-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-plperl-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-plpython-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-pltcl-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-server-8.4.20-5.52.amzn1")) flag++;
    if (rpm_check(release:"ALA", reference:"postgresql8-test-8.4.20-5.52.amzn1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql8 / postgresql8-contrib / postgresql8-debuginfo / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3476.NASL
    descriptionSeveral vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. - CVE-2016-0766 A privilege escalation vulnerability for users of PL/Java was discovered. Certain custom configuration settings (GUCs) for PL/Java will now be modifiable only by the database superuser to mitigate this issue. - CVE-2016-0773 Tom Lane and Greg Stark discovered a flaw in the way PostgreSQL processes specially crafted regular expressions. Very large character ranges in bracket expressions could cause infinite loops or memory overwrites. A remote attacker can exploit this flaw to cause a denial of service or, potentially, to execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id88727
    published2016-02-15
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88727
    titleDebian DSA-3476-1 : postgresql-9.4 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-3476. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88727);
      script_version("2.8");
      script_cvs_date("Date: 2018/11/10 11:49:37");
    
      script_cve_id("CVE-2016-0766", "CVE-2016-0773");
      script_xref(name:"DSA", value:"3476");
    
      script_name(english:"Debian DSA-3476-1 : postgresql-9.4 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been found in PostgreSQL-9.4, a SQL
    database system.
    
      - CVE-2016-0766
        A privilege escalation vulnerability for users of
        PL/Java was discovered. Certain custom configuration
        settings (GUCs) for PL/Java will now be modifiable only
        by the database superuser to mitigate this issue.
    
      - CVE-2016-0773
        Tom Lane and Greg Stark discovered a flaw in the way
        PostgreSQL processes specially crafted regular
        expressions. Very large character ranges in bracket
        expressions could cause infinite loops or memory
        overwrites. A remote attacker can exploit this flaw to
        cause a denial of service or, potentially, to execute
        arbitrary code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2016-0766"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2016-0773"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/postgresql-9.4"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2016/dsa-3476"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the postgresql-9.4 packages.
    
    For the stable distribution (jessie), these problems have been fixed
    in version 9.4.6-0+deb8u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:postgresql-9.4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"8.0", prefix:"libecpg-compat3", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libecpg-dev", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libecpg6", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpgtypes3", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpq-dev", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpq5", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-9.4-dbg", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-client-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-contrib-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-doc-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plperl-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plpython-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plpython3-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-pltcl-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-server-dev-9.4", reference:"9.4.6-0+deb8u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2894-1.NASL
    descriptionIt was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-0773) It was discovered that PostgreSQL incorrectly handled certain configuration settings (GUCS) for users of PL/Java. A remote attacker could possibly use this issue to escalate privileges. (CVE-2016-0766). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id88712
    published2016-02-12
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88712
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.10 : postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities (USN-2894-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-2894-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88712);
      script_version("1.13");
      script_cvs_date("Date: 2019/09/18 12:31:45");
    
      script_cve_id("CVE-2016-0766", "CVE-2016-0773");
      script_xref(name:"USN", value:"2894-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities (USN-2894-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that PostgreSQL incorrectly handled certain regular
    expressions. A remote attacker could possibly use this issue to cause
    PostgreSQL to crash, resulting in a denial of service. (CVE-2016-0773)
    
    It was discovered that PostgreSQL incorrectly handled certain
    configuration settings (GUCS) for users of PL/Java. A remote attacker
    could possibly use this issue to escalate privileges. (CVE-2016-0766).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2894-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected postgresql-9.1, postgresql-9.3 and / or
    postgresql-9.4 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:15.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|15\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 15.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"postgresql-9.1", pkgver:"9.1.20-0ubuntu0.12.04")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"postgresql-9.3", pkgver:"9.3.11-0ubuntu0.14.04")) flag++;
    if (ubuntu_check(osver:"15.10", pkgname:"postgresql-9.4", pkgver:"9.4.6-0ubuntu0.15.10")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql-9.1 / postgresql-9.3 / postgresql-9.4");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3475.NASL
    descriptionSeveral vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. - CVE-2015-5288 Josh Kupershmidt discovered a vulnerability in the crypt() function in the pgCrypto extension. Certain invalid salt arguments can cause the server to crash or to disclose a few bytes of server memory. - CVE-2016-0766 A privilege escalation vulnerability for users of PL/Java was discovered. Certain custom configuration settings (GUCs) for PL/Java will now be modifiable only by the database superuser to mitigate this issue. - CVE-2016-0773 Tom Lane and Greg Stark discovered a flaw in the way PostgreSQL processes specially crafted regular expressions. Very large character ranges in bracket expressions could cause infinite loops or memory overwrites. A remote attacker can exploit this flaw to cause a denial of service or, potentially, to execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id88726
    published2016-02-15
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88726
    titleDebian DSA-3475-1 : postgresql-9.1 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-3475. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(88726);
      script_version("2.10");
      script_cvs_date("Date: 2018/11/10 11:49:37");
    
      script_cve_id("CVE-2015-5288", "CVE-2016-0766", "CVE-2016-0773");
      script_xref(name:"DSA", value:"3475");
    
      script_name(english:"Debian DSA-3475-1 : postgresql-9.1 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been found in PostgreSQL-9.1, a SQL
    database system.
    
      - CVE-2015-5288
        Josh Kupershmidt discovered a vulnerability in the
        crypt() function in the pgCrypto extension. Certain
        invalid salt arguments can cause the server to crash or
        to disclose a few bytes of server memory.
    
      - CVE-2016-0766
        A privilege escalation vulnerability for users of
        PL/Java was discovered. Certain custom configuration
        settings (GUCs) for PL/Java will now be modifiable only
        by the database superuser to mitigate this issue.
    
      - CVE-2016-0773
        Tom Lane and Greg Stark discovered a flaw in the way
        PostgreSQL processes specially crafted regular
        expressions. Very large character ranges in bracket
        expressions could cause infinite loops or memory
        overwrites. A remote attacker can exploit this flaw to
        cause a denial of service or, potentially, to execute
        arbitrary code."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2015-5288"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2016-0766"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2016-0773"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/wheezy/postgresql-9.1"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2016/dsa-3475"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the postgresql-9.1 packages.
    
    For the oldstable distribution (wheezy), these problems have been
    fixed in version 9.1.20-0+deb7u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:postgresql-9.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/02/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"7.0", prefix:"libecpg-compat3", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libecpg-dev", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libecpg6", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libpgtypes3", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libpq-dev", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"libpq5", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-9.1-dbg", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-client-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-contrib-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-doc-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-plperl-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-plpython-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-plpython3-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-pltcl-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    if (deb_check(release:"7.0", prefix:"postgresql-server-dev-9.1", reference:"9.1.20-0+deb7u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0347.NASL
    descriptionUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89097
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89097
    titleRHEL 6 : postgresql (RHSA-2016:0347)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2016:0347. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89097);
      script_version("2.17");
      script_cvs_date("Date: 2019/10/24 15:35:41");
    
      script_cve_id("CVE-2016-0773");
      script_xref(name:"RHSA", value:"2016:0347");
    
      script_name(english:"RHEL 6 : postgresql (RHSA-2016:0347)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated postgresql packages that fix one security issue are now
    available for Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having Important
    security impact. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available from the
    CVE link in the References section.
    
    PostgreSQL is an advanced object-relational database management system
    (DBMS).
    
    An integer overflow flaw, leading to a heap-based buffer overflow, was
    found in the PostgreSQL handling code for regular expressions. A
    remote attacker could use a specially crafted regular expression to
    cause PostgreSQL to crash or possibly execute arbitrary code.
    (CVE-2016-0773)
    
    Red Hat would like to thank PostgreSQL upstream for reporting this
    issue. Upstream acknowledges Tom Lane and Greg Stark as the original
    reporters.
    
    All PostgreSQL users are advised to upgrade to these updated packages,
    which contain a backported patch to correct this issue. If the
    postgresql service is running, it will be automatically restarted
    after installing this update."
      );
      # http://www.postgresql.org/about/news/1644/
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/about/news/1644/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2016:0347"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2016-0773"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:postgresql-test");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/03/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2016:0347";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"postgresql-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-contrib-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-contrib-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-contrib-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"postgresql-debuginfo-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"postgresql-devel-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-docs-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-docs-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-docs-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"postgresql-libs-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-plperl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-plperl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-plperl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-plpython-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-plpython-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-plpython-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-pltcl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-pltcl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-pltcl-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-server-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-server-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-server-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"postgresql-test-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"postgresql-test-8.4.20-5.el6_7")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"postgresql-test-8.4.20-5.el6_7")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql / postgresql-contrib / postgresql-debuginfo / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0555-1.NASL
    descriptionThis update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen2020-06-01
    modified2020-06-02
    plugin id88948
    published2016-02-25
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88948
    titleSUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2016:0555-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-B0C2412AB2.NASL
    descriptionminor version update with security fix for CVE-2016-0773 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-03-04
    plugin id89596
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89596
    titleFedora 22 : postgresql-9.4.6-1.fc22 (2016-b0c2412ab2)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1001.NASL
    descriptionAccording to the version of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code.(CVE-2016-0773) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-05-01
    plugin id99764
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99764
    titleEulerOS 2.0 SP1 : postgresql (EulerOS-SA-2016-1001)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E8B6605BD29F11E584586CC21735F730.NASL
    descriptionPostgreSQL project reports : Security Fixes for Regular Expressions, PL/Java - CVE-2016-0773: This release closes security hole CVE-2016-0773, an issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a backend crash. This issue is critical for PostgreSQL systems with untrusted users or which generate regexes based on user input. - CVE-2016-0766: The update also fixes CVE-2016-0766, a privilege escalation issue for users of PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be modifiable only by the database superuser
    last seen2020-06-01
    modified2020-06-02
    plugin id88731
    published2016-02-15
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88731
    titleFreeBSD : PostgreSQL -- Security Fixes for Regular Expressions, PL/Java. (e8b6605b-d29f-11e5-8458-6cc21735f730)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-271.NASL
    descriptionThis update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen2020-06-05
    modified2016-02-26
    plugin id88980
    published2016-02-26
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88980
    titleopenSUSE Security Update : postgresql94 (openSUSE-2016-271)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20160302_POSTGRESQL_ON_SL6_X.NASL
    descriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-03-18
    modified2016-03-03
    plugin id89098
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89098
    titleScientific Linux Security Update : postgresql on SL6.x i386/x86_64 (20160302)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-0677-1.NASL
    descriptionThis update for postgresql94 fixes the following issues : - Security and bugfix release 9.4.6 : - *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen2020-06-01
    modified2020-06-02
    plugin id89730
    published2016-03-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89730
    titleSUSE SLED11 / SLES11 Security Update : postgresql94 (SUSE-SU-2016:0677-1)
  • NASL familyDatabases
    NASL idPOSTGRESQL_20160215.NASL
    descriptionThe version of PostgreSQL installed on the remote host is 9.1.x prior to 9.1.20, 9.2.x prior to 9.2.15, 9.3.x prior to 9.3.11, 9.4.x prior to 9.4.6, or 9.5.x prior to 9.5.1. It is, therefore, affected by the following vulnerabilities : - An integer overflow condition exists due to improper validation of user-supplied input when handling regular expressions. An authenticated, remote attacker can exploit this, via a large Unicode character range in a regular expression, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-0773) - A privilege escalation vulnerability exists due to a flaw in the init_custom_variable() function that is triggered during the handling of PL/Java. An authenticated, remote attacker can exploit this to gain elevation privileges. (CVE-2016-0766)
    last seen2020-06-01
    modified2020-06-02
    plugin id88808
    published2016-02-17
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88808
    titlePostgreSQL 9.1.x < 9.1.20 / 9.2.x < 9.2.15 / 9.3.x < 9.3.11 / 9.4.x < 9.4.6 / 9.5.x < 9.5.1 Multiple Vulnerabilities
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-0347.NASL
    descriptionUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89088
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89088
    titleCentOS 6 : postgresql (CESA-2016:0347)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-0346.NASL
    descriptionUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. This update upgrades PostgreSQL to version 9.2.15. Refer to the Release Notes linked to in the References section for a detailed list of changes since the previous version. All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89096
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89096
    titleRHEL 7 : postgresql (RHSA-2016:0346)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2016-662.NASL
    descriptionAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id89843
    published2016-03-11
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89843
    titleAmazon Linux AMI : postgresql94 / postgresql93,postgresql92 (ALAS-2016-662)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-33.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-33 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or escalate privileges. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96474
    published2017-01-13
    reporterThis script is Copyright (C) 2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/96474
    titleGLSA-201701-33 : PostgreSQL: Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-1060.NASL
    descriptionAn update for postgresql92-postgresql is now available for Red Hat Satellite 5.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es) : * An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters.
    last seen2020-06-01
    modified2020-06-02
    plugin id91118
    published2016-05-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91118
    titleRHEL 6 : postgresql92 in Satellite Server (RHSA-2016:1060)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-0347.NASL
    descriptionFrom Red Hat Security Advisory 2016:0347 : Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89095
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89095
    titleOracle Linux 6 : postgresql (ELSA-2016-0347)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-0346.NASL
    descriptionUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. This update upgrades PostgreSQL to version 9.2.15. Refer to the Release Notes linked to in the References section for a detailed list of changes since the previous version. All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89087
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89087
    titleCentOS 7 : postgresql (CESA-2016:0346)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-432.NASL
    descriptionSeveral bugs were discovered in PostgreSQL, a relational database server system. The 8.4 branch is EOLed upstream, but still present in Debian squeeze. This new LTS minor version contains fixes that were applied upstream to the 9.1.20 version, backported to 8.4.22 which was the last version officially released by the PostgreSQL developers. This LTS effort for squeeze-lts is a community project sponsored by credativ GmbH. This release is the last LTS update for PostgreSQL 8.4. Users should migrate to a newer PostgreSQL at the earliest opportunity. ## Migration to Version 8.4.22lts6 A dump/restore is not required for those running 8.4.X. However, if you are upgrading from a version earlier than 8.4.22, see the relevant release notes. ## Fixes Fix infinite loops and buffer-overrun problems in regular expressions (Tom Lane) Very large character ranges in bracket expressions could cause infinite loops in some cases, and memory overwrites in other cases. (CVE-2016-0773) Perform an immediate shutdown if the postmaster.pid file is removed (Tom Lane) The postmaster now checks every minute or so that postmaster.pid is still there and still contains its own PID. If not, it performs an immediate shutdown, as though it had received SIGQUIT. The main motivation for this change is to ensure that failed buildfarm runs will get cleaned up without manual intervention; but it also serves to limit the bad effects if a DBA forcibly removes postmaster.pid and then starts a new postmaster. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2016-02-26
    plugin id88973
    published2016-02-26
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/88973
    titleDebian DLA-432-1 : postgresql-8.4 update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-253.NASL
    descriptionThis update for postgresql93 fixes the following issues : - Security and bugfix release 9.3.11 : - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, boo#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, boo#966435). - Fix many issues in pg_dump with specific object types - Prevent over-eager pushdown of HAVING clauses for GROUPING SETS - Fix deparsing error with ON CONFLICT ... WHERE clauses - Fix tableoid errors for postgres_fdw - Prevent floating-point exceptions in pgbench - Make \det search Foreign Table names consistently - Fix quoting of domain constraint names in pg_dump - Prevent putting expanded objects into Const nodes - Allow compile of PL/Java on Windows - Fix
    last seen2020-06-05
    modified2016-02-24
    plugin id88926
    published2016-02-24
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88926
    titleopenSUSE Security Update : postgresql93 (openSUSE-2016-253)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-0346.NASL
    descriptionFrom Red Hat Security Advisory 2016:0346 : Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters. This update upgrades PostgreSQL to version 9.2.15. Refer to the Release Notes linked to in the References section for a detailed list of changes since the previous version. All PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id89094
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89094
    titleOracle Linux 7 : postgresql (ELSA-2016-0346)

Redhat

advisories
  • bugzilla
    id1303832
    titleCVE-2016-0773 postgresql: case insensitive range handling integer overflow leading to buffer overflow
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentpostgresql-upgrade is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346001
          • commentpostgresql-upgrade is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150750030
        • AND
          • commentpostgresql-libs is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346003
          • commentpostgresql-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908014
        • AND
          • commentpostgresql is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346005
          • commentpostgresql is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908002
        • AND
          • commentpostgresql-devel is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346007
          • commentpostgresql-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908016
        • AND
          • commentpostgresql-server is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346009
          • commentpostgresql-server is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908020
        • AND
          • commentpostgresql-docs is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346011
          • commentpostgresql-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908010
        • AND
          • commentpostgresql-plpython is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346013
          • commentpostgresql-plpython is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908018
        • AND
          • commentpostgresql-pltcl is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346015
          • commentpostgresql-pltcl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908004
        • AND
          • commentpostgresql-plperl is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346017
          • commentpostgresql-plperl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908012
        • AND
          • commentpostgresql-contrib is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346019
          • commentpostgresql-contrib is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908008
        • AND
          • commentpostgresql-test is earlier than 0:9.2.15-1.el7_2
            ovaloval:com.redhat.rhsa:tst:20160346021
          • commentpostgresql-test is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908006
    rhsa
    idRHSA-2016:0346
    released2016-03-02
    severityImportant
    titleRHSA-2016:0346: postgresql security update (Important)
  • bugzilla
    id1303832
    titleCVE-2016-0773 postgresql: case insensitive range handling integer overflow leading to buffer overflow
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentpostgresql-libs is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347001
          • commentpostgresql-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908014
        • AND
          • commentpostgresql is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347003
          • commentpostgresql is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908002
        • AND
          • commentpostgresql-test is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347005
          • commentpostgresql-test is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908006
        • AND
          • commentpostgresql-docs is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347007
          • commentpostgresql-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908010
        • AND
          • commentpostgresql-pltcl is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347009
          • commentpostgresql-pltcl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908004
        • AND
          • commentpostgresql-plpython is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347011
          • commentpostgresql-plpython is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908018
        • AND
          • commentpostgresql-contrib is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347013
          • commentpostgresql-contrib is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908008
        • AND
          • commentpostgresql-server is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347015
          • commentpostgresql-server is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908020
        • AND
          • commentpostgresql-devel is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347017
          • commentpostgresql-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908016
        • AND
          • commentpostgresql-plperl is earlier than 0:8.4.20-5.el6_7
            ovaloval:com.redhat.rhsa:tst:20160347019
          • commentpostgresql-plperl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100908012
    rhsa
    idRHSA-2016:0347
    released2016-03-02
    severityImportant
    titleRHSA-2016:0347: postgresql security update (Important)
  • rhsa
    idRHSA-2016:1060
rpms
  • postgresql-0:9.2.15-1.el7_2
  • postgresql-contrib-0:9.2.15-1.el7_2
  • postgresql-debuginfo-0:9.2.15-1.el7_2
  • postgresql-devel-0:9.2.15-1.el7_2
  • postgresql-docs-0:9.2.15-1.el7_2
  • postgresql-libs-0:9.2.15-1.el7_2
  • postgresql-plperl-0:9.2.15-1.el7_2
  • postgresql-plpython-0:9.2.15-1.el7_2
  • postgresql-pltcl-0:9.2.15-1.el7_2
  • postgresql-server-0:9.2.15-1.el7_2
  • postgresql-test-0:9.2.15-1.el7_2
  • postgresql-upgrade-0:9.2.15-1.el7_2
  • postgresql-0:8.4.20-5.el6_7
  • postgresql-contrib-0:8.4.20-5.el6_7
  • postgresql-debuginfo-0:8.4.20-5.el6_7
  • postgresql-devel-0:8.4.20-5.el6_7
  • postgresql-docs-0:8.4.20-5.el6_7
  • postgresql-libs-0:8.4.20-5.el6_7
  • postgresql-plperl-0:8.4.20-5.el6_7
  • postgresql-plpython-0:8.4.20-5.el6_7
  • postgresql-pltcl-0:8.4.20-5.el6_7
  • postgresql-server-0:8.4.20-5.el6_7
  • postgresql-test-0:8.4.20-5.el6_7
  • rh-postgresql94-postgresql-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-contrib-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-contrib-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-debuginfo-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-debuginfo-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-devel-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-devel-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-docs-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-docs-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-libs-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-libs-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-plperl-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-plperl-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-plpython-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-plpython-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-pltcl-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-pltcl-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-server-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-server-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-test-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-test-0:9.4.6-1.el7
  • rh-postgresql94-postgresql-upgrade-0:9.4.6-1.el6
  • rh-postgresql94-postgresql-upgrade-0:9.4.6-1.el7
  • postgresql92-postgresql-0:9.2.15-1.el6
  • postgresql92-postgresql-0:9.2.15-1.el7
  • postgresql92-postgresql-contrib-0:9.2.15-1.el6
  • postgresql92-postgresql-contrib-0:9.2.15-1.el7
  • postgresql92-postgresql-debuginfo-0:9.2.15-1.el6
  • postgresql92-postgresql-debuginfo-0:9.2.15-1.el7
  • postgresql92-postgresql-devel-0:9.2.15-1.el6
  • postgresql92-postgresql-devel-0:9.2.15-1.el7
  • postgresql92-postgresql-docs-0:9.2.15-1.el6
  • postgresql92-postgresql-docs-0:9.2.15-1.el7
  • postgresql92-postgresql-libs-0:9.2.15-1.el6
  • postgresql92-postgresql-libs-0:9.2.15-1.el7
  • postgresql92-postgresql-plperl-0:9.2.15-1.el6
  • postgresql92-postgresql-plperl-0:9.2.15-1.el7
  • postgresql92-postgresql-plpython-0:9.2.15-1.el6
  • postgresql92-postgresql-plpython-0:9.2.15-1.el7
  • postgresql92-postgresql-pltcl-0:9.2.15-1.el6
  • postgresql92-postgresql-pltcl-0:9.2.15-1.el7
  • postgresql92-postgresql-server-0:9.2.15-1.el6
  • postgresql92-postgresql-server-0:9.2.15-1.el7
  • postgresql92-postgresql-test-0:9.2.15-1.el6
  • postgresql92-postgresql-test-0:9.2.15-1.el7
  • postgresql92-postgresql-upgrade-0:9.2.15-1.el6
  • postgresql92-postgresql-upgrade-0:9.2.15-1.el7
  • postgresql92-postgresql-0:9.2.15-2.el6
  • postgresql92-postgresql-contrib-0:9.2.15-2.el6
  • postgresql92-postgresql-debuginfo-0:9.2.15-2.el6
  • postgresql92-postgresql-libs-0:9.2.15-2.el6
  • postgresql92-postgresql-pltcl-0:9.2.15-2.el6
  • postgresql92-postgresql-server-0:9.2.15-2.el6
  • postgresql92-postgresql-upgrade-0:9.2.15-2.el6

References