Vulnerabilities > CVE-2017-15097 - Unspecified vulnerability in Redhat products
Attack vector
LOCAL Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 6 |
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1341.NASL description According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-12-18 plugin id 105322 published 2017-12-18 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105322 title EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2017-1341) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(105322); script_version("3.14"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04"); script_cve_id( "CVE-2017-12172", "CVE-2017-15097" ); script_name(english:"EulerOS 2.0 SP2 : postgresql (EulerOS-SA-2017-1341)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1341 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?06772c28"); script_set_attribute(attribute:"solution", value: "Update the affected postgresql packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"patch_publication_date", value:"2017/12/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/12/18"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-plperl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-plpython"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-pltcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:postgresql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["postgresql-9.2.23-3", "postgresql-contrib-9.2.23-3", "postgresql-devel-9.2.23-3", "postgresql-docs-9.2.23-3", "postgresql-libs-9.2.23-3", "postgresql-plperl-9.2.23-3", "postgresql-plpython-9.2.23-3", "postgresql-pltcl-9.2.23-3", "postgresql-server-9.2.23-3", "postgresql-test-9.2.23-3"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql"); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1340.NASL description According to the versions of the postgresql packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-12-18 plugin id 105321 published 2017-12-18 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105321 title EulerOS 2.0 SP1 : postgresql (EulerOS-SA-2017-1340) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-3402.NASL description An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es) : * Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres last seen 2020-06-01 modified 2020-06-02 plugin id 105114 published 2017-12-11 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105114 title CentOS 7 : postgresql (CESA-2017:3402) NASL family Scientific Linux Local Security Checks NASL id SL_20171219_POSTGRESQL_ON_SL7_X.NASL description Security Fix(es) : - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres last seen 2020-03-18 modified 2017-12-20 plugin id 105387 published 2017-12-20 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105387 title Scientific Linux Security Update : postgresql on SL7.x x86_64 (20171219) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-3402.NASL description From Red Hat Security Advisory 2017:3402 : An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es) : * Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres last seen 2020-06-01 modified 2020-06-02 plugin id 105142 published 2017-12-11 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105142 title Oracle Linux 7 : postgresql (ELSA-2017-3402) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0006_POSTGRESQL.NASL description The remote NewStart CGSL host, running version MAIN 5.04, has postgresql packages installed that are affected by multiple vulnerabilities: - Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-15097) - Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127150 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127150 title NewStart CGSL MAIN 5.04 : postgresql Multiple Vulnerabilities (NS-SA-2019-0006) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-3402.NASL description An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es) : * Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097) Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to the postgres last seen 2020-06-01 modified 2020-06-02 plugin id 105092 published 2017-12-08 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105092 title RHEL 7 : postgresql (RHSA-2017:3402)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://www.securitytracker.com/id/1039983
- http://www.securitytracker.com/id/1039983
- https://access.redhat.com/errata/RHSA-2017:3402
- https://access.redhat.com/errata/RHSA-2017:3402
- https://access.redhat.com/errata/RHSA-2017:3403
- https://access.redhat.com/errata/RHSA-2017:3403
- https://access.redhat.com/errata/RHSA-2017:3404
- https://access.redhat.com/errata/RHSA-2017:3404
- https://access.redhat.com/errata/RHSA-2017:3405
- https://access.redhat.com/errata/RHSA-2017:3405
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097