Vulnerabilities > CVE-2017-7548
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-985.NASL description Postgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here : 	https://www.postgresql.org/docs/9.3/static/release-9-3-18.html This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-08-31 plugin id 102847 published 2017-08-31 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102847 title openSUSE Security Update : postgresql93 (openSUSE-2017-985) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2017-985. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(102847); script_version("3.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_name(english:"openSUSE Security Update : postgresql93 (openSUSE-2017-985)"); script_summary(english:"Check for the openSUSE-2017-985 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Postgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here : 	https://www.postgresql.org/docs/9.3/static/release-9-3-18.html This update was imported from the SUSE:SLE-12:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051684" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1053259" ); # https://www.postgresql.org/docs/9.3/static/release-9-3-18.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.3/release-9-3-18.html" ); script_set_attribute( attribute:"solution", value:"Update the affected postgresql93 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-contrib-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-libs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plperl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plperl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plpython"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plpython-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-pltcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-pltcl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-server-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/31"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.2|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2 / 42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-devel-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-devel-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-libs-debugsource-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-contrib-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-contrib-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-debugsource-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plperl-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plperl-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plpython-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plpython-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-pltcl-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-pltcl-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-server-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-server-debuginfo-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-test-9.3.18-5.12.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-devel-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-devel-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-libs-debugsource-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-contrib-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-contrib-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-debugsource-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plperl-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plperl-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plpython-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plpython-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-pltcl-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-pltcl-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-server-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-server-debuginfo-9.3.18-8.1") ) flag++; if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-test-9.3.18-8.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql93-devel / postgresql93-devel-debuginfo / etc"); }
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_982872F17DD311E797366CC21735F730.NASL description The PostgreSQL project reports : - CVE-2017-7546: Empty password accepted in some authentication methods - CVE-2017-7547: The last seen 2020-06-01 modified 2020-06-02 plugin id 102408 published 2017-08-11 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102408 title FreeBSD : PostgreSQL vulnerabilities (982872f1-7dd3-11e7-9736-6cc21735f730) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(102408); script_version("3.7"); script_cvs_date("Date: 2018/11/10 11:49:46"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_name(english:"FreeBSD : PostgreSQL vulnerabilities (982872f1-7dd3-11e7-9736-6cc21735f730)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "The PostgreSQL project reports : - CVE-2017-7546: Empty password accepted in some authentication methods - CVE-2017-7547: The 'pg_user_mappings' catalog view discloses passwords to users lacking server privileges - CVE-2017-7548: lo_put() function ignores ACLs" ); # https://vuxml.freebsd.org/freebsd/982872f1-7dd3-11e7-9736-6cc21735f730.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?79156910" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql92-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql93-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql94-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql95-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql96-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/10"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"postgresql92-server>=9.2.0<9.2.22")) flag++; if (pkg_test(save_report:TRUE, pkg:"postgresql93-server>=9.3.0<9.3.18")) flag++; if (pkg_test(save_report:TRUE, pkg:"postgresql94-server>=9.4.0<9.4.13")) flag++; if (pkg_test(save_report:TRUE, pkg:"postgresql95-server>=9.5.0<9.5.8")) flag++; if (pkg_test(save_report:TRUE, pkg:"postgresql96-server>=9.6.0<9.6.4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-204.NASL description This update for postgresql95 fixes the following issues : Upate to PostgreSQL 9.5.11 : Security issues fixed : - https://www.postgresql.org/docs/9.5/static/release-9-5-11.html - CVE-2018-1053, boo#1077983: Ensure that all temporary files made by pg_upgrade are non-world-readable. - boo#1079757: Rename pg_rewind last seen 2020-06-05 modified 2018-02-23 plugin id 106965 published 2018-02-23 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/106965 title openSUSE Security Update : postgresql95 (openSUSE-2018-204) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-204. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(106965); script_version("3.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2017-15098", "CVE-2017-15099", "CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548", "CVE-2018-1053"); script_name(english:"openSUSE Security Update : postgresql95 (openSUSE-2018-204)"); script_summary(english:"Check for the openSUSE-2018-204 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for postgresql95 fixes the following issues : Upate to PostgreSQL 9.5.11 : Security issues fixed : - https://www.postgresql.org/docs/9.5/static/release-9-5-11.html - CVE-2018-1053, boo#1077983: Ensure that all temporary files made by pg_upgrade are non-world-readable. - boo#1079757: Rename pg_rewind's copy_file_range function to avoid conflict with new Linux system call of that name. In version 9.5.10 : - https://www.postgresql.org/docs/9.5/static/release-9-5-10.html - CVE-2017-15098, boo#1067844: Memory disclosure in JSON functions. - CVE-2017-15099, boo#1067841: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges. In version 9.5.9 : - https://www.postgresql.org/docs/9.5/static/release-9-5-9.html - Show foreign tables in information_schema.table_privileges view. - Clean up handling of a fatal exit (e.g., due to receipt of SIGTERM) that occurs while trying to execute a ROLLBACK of a failed transaction. - Remove assertion that could trigger during a fatal exit. - Correctly identify columns that are of a range type or domain type over a composite type or domain type being searched for. - Fix crash in pg_restore when using parallel mode and using a list file to select a subset of items to restore. - Change ecpg's parser to allow RETURNING clauses without attached C variables. In version 9.5.8 - https://www.postgresql.org/docs/9.5/static/release-9-5-8.html - CVE-2017-7547, boo#1051685: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. - CVE-2017-7546, boo#1051684: Disallow empty passwords in all password-based authentication methods. - CVE-2017-7548, boo#1053259: lo_put() function ignores ACLs." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051684" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1053259" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1067841" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1067844" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1077983" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1079757" ); # https://www.postgresql.org/docs/9.5/static/release-9-5-10.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.5/release-9-5-10.html" ); # https://www.postgresql.org/docs/9.5/static/release-9-5-11.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.5/release-9-5-11.html" ); # https://www.postgresql.org/docs/9.5/static/release-9-5-8.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.5/release-9-5-8.html" ); # https://www.postgresql.org/docs/9.5/static/release-9-5-9.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.5/release-9-5-9.html" ); script_set_attribute( attribute:"solution", value:"Update the affected postgresql95 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plperl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plpython"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-pltcl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3"); script_set_attribute(attribute:"patch_publication_date", value:"2018/02/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-contrib-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-contrib-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-debugsource-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-devel-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-devel-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-libs-debugsource-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plperl-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plperl-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plpython-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plpython-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-pltcl-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-pltcl-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-server-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-server-debuginfo-9.5.11-2.3.1") ) flag++; if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-test-9.5.11-2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql95-devel / postgresql95-devel-debuginfo / etc"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3935.NASL description Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The lo_put() function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/ last seen 2020-06-01 modified 2020-06-02 plugin id 102442 published 2017-08-14 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102442 title Debian DSA-3935-1 : postgresql-9.4 - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-3935. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(102442); script_version("3.10"); script_cvs_date("Date: 2018/11/10 11:49:38"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_xref(name:"DSA", value:"3935"); script_name(english:"Debian DSA-3935-1 : postgresql-9.4 - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The lo_put() function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2017-7546" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2017-7547" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2017-7548" ); script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/about/news/1772/" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/postgresql-9.4" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2017/dsa-3935" ); script_set_attribute( attribute:"solution", value: "Upgrade the postgresql-9.4 packages. For the oldstable distribution (jessie), these problems have been fixed in version 9.4.13-0+deb8u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:postgresql-9.4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"libecpg-compat3", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"libecpg-dev", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"libecpg6", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"libpgtypes3", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"libpq-dev", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"libpq5", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-9.4-dbg", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-client-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-contrib-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-doc-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-plperl-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-plpython-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-plpython3-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-pltcl-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (deb_check(release:"8.0", prefix:"postgresql-server-dev-9.4", reference:"9.4.13-0+deb8u1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2236-1.NASL description Postgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here: 	https://www.postgresql.org/docs/9.3/static/release-9 -3-18.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 102695 published 2017-08-23 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102695 title SUSE SLES12 Security Update : postgresql93 (SUSE-SU-2017:2236-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2017:2236-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(102695); script_version("3.10"); script_cvs_date("Date: 2019/09/11 11:22:16"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_name(english:"SUSE SLES12 Security Update : postgresql93 (SUSE-SU-2017:2236-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Postgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here: 	https://www.postgresql.org/docs/9.3/static/release-9 -3-18.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259" ); # https://www.postgresql.org/docs/9.3/static/release-9-3-18.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.3/release-9-3-18.html" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7546/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7547/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7548/" ); # https://www.suse.com/support/update/announcement/2017/suse-su-20172236-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?98401eff" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-1368=1 SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-1368=1 To bring your system up-to-date, use 'zypper patch'." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/23"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-debuginfo-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debuginfo-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debugsource-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-9.3.18-25.5.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-debuginfo-9.3.18-25.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql93"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2258-1.NASL description Postgresql94 was updated to 9.4.13 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.4/static/release-9-4-1 3.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 102800 published 2017-08-28 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102800 title SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2017:2258-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2017:2258-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(102800); script_version("3.10"); script_cvs_date("Date: 2019/09/11 11:22:16"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_name(english:"SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2017:2258-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Postgresql94 was updated to 9.4.13 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.4/static/release-9-4-1 3.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259" ); # https://www.postgresql.org/docs/9.4/static/release-9-4-13.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.4/release-9-4-13.html" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7546/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7547/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7548/" ); # https://www.suse.com/support/update/announcement/2017/suse-su-20172258-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?57c3d237" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-postgresql94-13247=1 SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-postgresql94-13247=1 SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch slessp3-postgresql94-13247=1 SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch sleposp3-postgresql94-13247=1 SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-postgresql94-13247=1 SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch dbgsp3-postgresql94-13247=1 To bring your system up-to-date, use 'zypper patch'." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16"); script_set_attribute(attribute:"patch_publication_date", value:"2017/08/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"libecpg6-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"libpq5-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-contrib-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-docs-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-server-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"libecpg6-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"libpq5-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-contrib-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-docs-9.4.13-0.23.5.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-server-9.4.13-0.23.5.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql94"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2356-1.NASL description This update for postgresql96 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.6/static/release-9-6-4 .html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 102974 published 2017-09-06 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102974 title SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:2356-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2017:2356-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(102974); script_version("3.10"); script_cvs_date("Date: 2019/09/11 11:22:16"); script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548"); script_name(english:"SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:2356-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for postgresql96 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.6/static/release-9-6-4 .html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259" ); # https://www.postgresql.org/docs/9.6/static/release-9-6-4.html script_set_attribute( attribute:"see_also", value:"https://www.postgresql.org/docs/9.6/release-9-6-4.html" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7546/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7547/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-7548/" ); # https://www.suse.com/support/update/announcement/2017/suse-su-20172356-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7e8dc195" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product : SUSE OpenStack Cloud 6:zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1461=1 SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1461=1 SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1461=1 SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1461=1 SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-1461=1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1461=1 SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1461=1 SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1461=1 SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1461=1 SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-1461=1 SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1461=1 SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1461=1 To bring your system up-to-date, use 'zypper patch'." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-contrib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16"); script_set_attribute(attribute:"patch_publication_date", value:"2017/09/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/06"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(0|1|2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0/1/2/3", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2/3", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"1", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-server-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-server-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-server-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-server-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libecpg6-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++; if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql96"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3936.NASL description Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The lo_put() function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/ last seen 2020-06-01 modified 2020-06-02 plugin id 102443 published 2017-08-14 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102443 title Debian DSA-3936-1 : postgresql-9.6 - security update NASL family Fedora Local Security Checks NASL id FEDORA_2017-D9CAC37BD8.NASL description rebase: update to 9.6.4, security fix for CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Per release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-4.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-08-15 plugin id 102490 published 2017-08-15 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102490 title Fedora 26 : postgresql (2017-d9cac37bd8) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1020.NASL description This update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-09-13 plugin id 103156 published 2017-09-13 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/103156 title openSUSE Security Update : postgresql94 (openSUSE-2017-1020) NASL family Fedora Local Security Checks NASL id FEDORA_2017-9148FE36B9.NASL description rebase: update to 9.5.8, security fix for CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Per release notes: http://www.postgresql.org/docs/9.5/static/release-9-5-8.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-08-30 plugin id 102828 published 2017-08-30 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102828 title Fedora 25 : postgresql (2017-9148fe36b9) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1021.NASL description This update for postgresql96 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: 	https://www.postgresql.org/docs/9.6/static/release-9-6-4.html This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-09-13 plugin id 103157 published 2017-09-13 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103157 title openSUSE Security Update : postgresql96 (openSUSE-2017-1021) NASL family Databases NASL id POSTGRESQL_20170810.NASL description The version of PostgreSQL installed on the remote host is 9.2.x prior to 9.2.22, 9.3.x prior to 9.3.18, 9.4.x prior to 9.4.13, 9.5.x prior to 9.5.8, or 9.6.x prior to 9.6.4. It is, therefore, affected by multiple vulnerabilities : - An authentication bypass flaw exists in that an empty password is accepted in some authentication methods. (CVE-2017-7546) - An information disclosure vulnerability exists in the last seen 2020-06-01 modified 2020-06-02 plugin id 102527 published 2017-08-16 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102527 title PostgreSQL 9.2.x < 9.2.22 / 9.3.x < 9.3.18 / 9.4.x < 9.4.13 / 9.5.x < 9.5.8 / 9.6.x < 9.6.4 Multiple Vulnerabilities NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2017-885.NASL description pg_user_mappings view discloses passwords to users lacking server privileges : An authorization flaw was found in the way PostgreSQL handled access to the pg_user_mappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. (CVE-2017-7547) Empty password accepted in some authentication methods : It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq last seen 2020-06-01 modified 2020-06-02 plugin id 102873 published 2017-09-01 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/102873 title Amazon Linux AMI : postgresql94 / postgresql95 (ALAS-2017-885) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201710-06.NASL description The remote host is affected by the vulnerability described in GLSA-201710-06 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. Impact : A remote attacker could escalate privileges, cause a Denial of Service condition, obtain passwords, cause a loss in information, or obtain sensitive information. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 103724 published 2017-10-09 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/103724 title GLSA-201710-06 : PostgreSQL: Multiple vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3390-1.NASL description Ben de Graaff, Jelte Fennema, and Jeroen van der Ham discovered that PostgreSQL allowed the use of empty passwords in some authentication methods, contrary to expected behaviour. A remote attacker could use an empty password to authenticate to servers that were believed to have password login disabled. (CVE-2017-7546) Jeff Janes discovered that PostgreSQL incorrectly handled the pg_user_mappings catalog view. A remote attacker without server privileges could possibly use this issue to obtain certain passwords. (CVE-2017-7547) Chapman Flack discovered that PostgreSQL incorrectly handled lo_put() permissions. A remote attacker could possibly use this issue to change the data in a large object. (CVE-2017-7548). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 102522 published 2017-08-16 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102522 title Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerabilities (USN-3390-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2355-1.NASL description This update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 102973 published 2017-09-06 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102973 title SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2017:2355-1)
Redhat
advisories |
| ||||||||
rpms |
|
References
- https://www.postgresql.org/about/news/1772/
- http://www.securitytracker.com/id/1039142
- http://www.securityfocus.com/bid/100276
- https://security.gentoo.org/glsa/201710-06
- http://www.debian.org/security/2017/dsa-3936
- http://www.debian.org/security/2017/dsa-3935
- https://access.redhat.com/errata/RHSA-2017:2678
- https://access.redhat.com/errata/RHSA-2017:2677