Vulnerabilities > CVE-2017-7548

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
postgresql
debian
nessus

Summary

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-985.NASL
    descriptionPostgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here : 	https://www.postgresql.org/docs/9.3/static/release-9-3-18.html This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2017-08-31
    plugin id102847
    published2017-08-31
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102847
    titleopenSUSE Security Update : postgresql93 (openSUSE-2017-985)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2017-985.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102847);
      script_version("3.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
    
      script_name(english:"openSUSE Security Update : postgresql93 (openSUSE-2017-985)");
      script_summary(english:"Check for the openSUSE-2017-985 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Postgresql93 was updated to 9.3.18 to fix the following issues :
    
      - CVE-2017-7547: Further restrict visibility of
        pg_user_mappings.umoptions, to protect passwords stored
        as user mapping options. (bsc#1051685)
    
      - CVE-2017-7546: Disallow empty passwords in all
        password-based authentication methods. (bsc#1051684)
    
      - CVE-2017-7548: lo_put() function ignores ACLs.
        (bsc#1053259)
    
    The changelog for the release is here :
    
    	https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
    
    This update was imported from the SUSE:SLE-12:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051684"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1053259"
      );
      # https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.3/release-9-3-18.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected postgresql93 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-contrib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-libs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plperl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plperl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plpython");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-plpython-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-pltcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-pltcl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql93-test");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/08/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.2|SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2 / 42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-devel-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-devel-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"postgresql93-libs-debugsource-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-contrib-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-contrib-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-debugsource-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plperl-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plperl-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plpython-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-plpython-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-pltcl-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-pltcl-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-server-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-server-debuginfo-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"postgresql93-test-9.3.18-5.12.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-devel-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-devel-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql93-libs-debugsource-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-contrib-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-contrib-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-debugsource-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plperl-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plperl-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plpython-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-plpython-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-pltcl-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-pltcl-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-server-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-server-debuginfo-9.3.18-8.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", cpu:"x86_64", reference:"postgresql93-test-9.3.18-8.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql93-devel / postgresql93-devel-debuginfo / etc");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_982872F17DD311E797366CC21735F730.NASL
    descriptionThe PostgreSQL project reports : - CVE-2017-7546: Empty password accepted in some authentication methods - CVE-2017-7547: The
    last seen2020-06-01
    modified2020-06-02
    plugin id102408
    published2017-08-11
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102408
    titleFreeBSD : PostgreSQL vulnerabilities (982872f1-7dd3-11e7-9736-6cc21735f730)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102408);
      script_version("3.7");
      script_cvs_date("Date: 2018/11/10 11:49:46");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
    
      script_name(english:"FreeBSD : PostgreSQL vulnerabilities (982872f1-7dd3-11e7-9736-6cc21735f730)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The PostgreSQL project reports :
    
    - CVE-2017-7546: Empty password accepted in some authentication
    methods
    
    - CVE-2017-7547: The 'pg_user_mappings' catalog view discloses
    passwords to users lacking server privileges
    
    - CVE-2017-7548: lo_put() function ignores ACLs"
      );
      # https://vuxml.freebsd.org/freebsd/982872f1-7dd3-11e7-9736-6cc21735f730.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?79156910"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql92-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql93-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql94-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql95-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:postgresql96-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/08/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"postgresql92-server>=9.2.0<9.2.22")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"postgresql93-server>=9.3.0<9.3.18")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"postgresql94-server>=9.4.0<9.4.13")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"postgresql95-server>=9.5.0<9.5.8")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"postgresql96-server>=9.6.0<9.6.4")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-204.NASL
    descriptionThis update for postgresql95 fixes the following issues : Upate to PostgreSQL 9.5.11 : Security issues fixed : - https://www.postgresql.org/docs/9.5/static/release-9-5-11.html - CVE-2018-1053, boo#1077983: Ensure that all temporary files made by pg_upgrade are non-world-readable. - boo#1079757: Rename pg_rewind
    last seen2020-06-05
    modified2018-02-23
    plugin id106965
    published2018-02-23
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106965
    titleopenSUSE Security Update : postgresql95 (openSUSE-2018-204)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2018-204.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(106965);
      script_version("3.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2017-15098", "CVE-2017-15099", "CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548", "CVE-2018-1053");
    
      script_name(english:"openSUSE Security Update : postgresql95 (openSUSE-2018-204)");
      script_summary(english:"Check for the openSUSE-2018-204 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for postgresql95 fixes the following issues :
    
    Upate to PostgreSQL 9.5.11 :
    
    Security issues fixed :
    
      - https://www.postgresql.org/docs/9.5/static/release-9-5-11.html 
    
      - CVE-2018-1053, boo#1077983: Ensure that all temporary
        files made by pg_upgrade are non-world-readable. 
    
      - boo#1079757: Rename pg_rewind's copy_file_range function
        to avoid conflict with new Linux system call of that
        name.
    
    In version 9.5.10 :
    
      - https://www.postgresql.org/docs/9.5/static/release-9-5-10.html
    
      - CVE-2017-15098, boo#1067844: Memory disclosure in JSON
        functions.
    
      - CVE-2017-15099, boo#1067841: INSERT ... ON CONFLICT DO
        UPDATE fails to enforce SELECT privileges.
    
    In version 9.5.9 :
    
      - https://www.postgresql.org/docs/9.5/static/release-9-5-9.html
    
      - Show foreign tables in
        information_schema.table_privileges view.
    
      - Clean up handling of a fatal exit (e.g., due to receipt
        of SIGTERM) that occurs while trying to execute a
        ROLLBACK of a failed transaction.
    
      - Remove assertion that could trigger during a fatal exit.
    
      - Correctly identify columns that are of a range type or
        domain type over a composite type or domain type being
        searched for.
    
      - Fix crash in pg_restore when using parallel mode and
        using a list file to select a subset of items to
        restore.
    
      - Change ecpg's parser to allow RETURNING clauses without
        attached C variables.
    
    In version 9.5.8
    
      - https://www.postgresql.org/docs/9.5/static/release-9-5-8.html
    
      - CVE-2017-7547, boo#1051685: Further restrict visibility
        of pg_user_mappings.umoptions, to protect passwords
        stored as user mapping options.
    
      - CVE-2017-7546, boo#1051684: Disallow empty passwords in
        all password-based authentication methods.
    
      - CVE-2017-7548, boo#1053259: lo_put() function ignores
        ACLs."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051684"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1051685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1053259"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1067841"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1067844"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1077983"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1079757"
      );
      # https://www.postgresql.org/docs/9.5/static/release-9-5-10.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.5/release-9-5-10.html"
      );
      # https://www.postgresql.org/docs/9.5/static/release-9-5-11.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.5/release-9-5-11.html"
      );
      # https://www.postgresql.org/docs/9.5/static/release-9-5-8.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.5/release-9-5-8.html"
      );
      # https://www.postgresql.org/docs/9.5/static/release-9-5-9.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.5/release-9-5-9.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected postgresql95 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-contrib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-libs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plperl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plperl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plpython");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-plpython-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-pltcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-pltcl-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql95-test");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/02/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/02/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-contrib-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-contrib-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-debugsource-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-devel-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-devel-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-libs-debugsource-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plperl-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plperl-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plpython-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-plpython-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-pltcl-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-pltcl-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-server-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-server-debuginfo-9.5.11-2.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.3", reference:"postgresql95-test-9.5.11-2.3.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql95-devel / postgresql95-devel-debuginfo / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3935.NASL
    descriptionSeveral vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The lo_put() function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/
    last seen2020-06-01
    modified2020-06-02
    plugin id102442
    published2017-08-14
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102442
    titleDebian DSA-3935-1 : postgresql-9.4 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-3935. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102442);
      script_version("3.10");
      script_cvs_date("Date: 2018/11/10 11:49:38");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
      script_xref(name:"DSA", value:"3935");
    
      script_name(english:"Debian DSA-3935-1 : postgresql-9.4 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been found in the PostgreSQL database
    system :
    
      - CVE-2017-7546
        In some authentication methods empty passwords were
        accepted.
    
      - CVE-2017-7547
        User mappings could leak data to unprivileged users.
    
      - CVE-2017-7548
        The lo_put() function ignored ACLs.
    
      For more in-depth descriptions of the security vulnerabilities,
      please see https://www.postgresql.org/about/news/1772/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2017-7546"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2017-7547"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2017-7548"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/about/news/1772/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/postgresql-9.4"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2017/dsa-3935"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the postgresql-9.4 packages.
    
    For the oldstable distribution (jessie), these problems have been
    fixed in version 9.4.13-0+deb8u1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:postgresql-9.4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2017/08/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"8.0", prefix:"libecpg-compat3", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libecpg-dev", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libecpg6", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpgtypes3", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpq-dev", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"libpq5", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-9.4-dbg", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-client-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-contrib-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-doc-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plperl-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plpython-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-plpython3-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-pltcl-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    if (deb_check(release:"8.0", prefix:"postgresql-server-dev-9.4", reference:"9.4.13-0+deb8u1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2236-1.NASL
    descriptionPostgresql93 was updated to 9.3.18 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for the release is here: &#9;https://www.postgresql.org/docs/9.3/static/release-9 -3-18.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id102695
    published2017-08-23
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102695
    titleSUSE SLES12 Security Update : postgresql93 (SUSE-SU-2017:2236-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:2236-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102695);
      script_version("3.10");
      script_cvs_date("Date: 2019/09/11 11:22:16");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
    
      script_name(english:"SUSE SLES12 Security Update : postgresql93 (SUSE-SU-2017:2236-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Postgresql93 was updated to 9.3.18 to fix the following issues :
    
      - CVE-2017-7547: Further restrict visibility of
        pg_user_mappings.umoptions, to protect passwords stored
        as user mapping options. (bsc#1051685)
    
      - CVE-2017-7546: Disallow empty passwords in all
        password-based authentication methods. (bsc#1051684)
    
      - CVE-2017-7548: lo_put() function ignores ACLs.
        (bsc#1053259) The changelog for the release is here:
        &#9;https://www.postgresql.org/docs/9.3/static/release-9
        -3-18.html
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259"
      );
      # https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.3/release-9-3-18.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7546/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7547/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7548/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20172236-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?98401eff"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
    SUSE-SLE-SAP-12-2017-1368=1
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2017-1368=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-contrib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql93-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/08/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-contrib-debuginfo-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debuginfo-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-debugsource-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-9.3.18-25.5.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql93-server-debuginfo-9.3.18-25.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql93");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2258-1.NASL
    descriptionPostgresql94 was updated to 9.4.13 to fix the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.4/static/release-9-4-1 3.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id102800
    published2017-08-28
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102800
    titleSUSE SLES11 Security Update : postgresql94 (SUSE-SU-2017:2258-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:2258-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102800);
      script_version("3.10");
      script_cvs_date("Date: 2019/09/11 11:22:16");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
    
      script_name(english:"SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2017:2258-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Postgresql94 was updated to 9.4.13 to fix the following issues :
    
      - CVE-2017-7547: Further restrict visibility of
        pg_user_mappings.umoptions, to protect passwords stored
        as user mapping options. (bsc#1051685)
    
      - CVE-2017-7546: Disallow empty passwords in all
        password-based authentication methods. (bsc#1051684)
    
      - CVE-2017-7548: lo_put() function ignores ACLs.
        (bsc#1053259) The changelog for this release is here:
        https://www.postgresql.org/docs/9.4/static/release-9-4-1
        3.html
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259"
      );
      # https://www.postgresql.org/docs/9.4/static/release-9-4-13.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.4/release-9-4-13.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7546/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7547/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7548/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20172258-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?57c3d237"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
    patch sdksp4-postgresql94-13247=1
    
    SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
    slessp4-postgresql94-13247=1
    
    SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch
    slessp3-postgresql94-13247=1
    
    SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch
    sleposp3-postgresql94-13247=1
    
    SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
    dbgsp4-postgresql94-13247=1
    
    SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch
    dbgsp3-postgresql94-13247=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql94-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/08/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libecpg6-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libpq5-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-contrib-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-docs-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"postgresql94-server-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", cpu:"s390x", reference:"libpq5-32bit-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"libecpg6-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"libpq5-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-contrib-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-docs-9.4.13-0.23.5.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"3", reference:"postgresql94-server-9.4.13-0.23.5.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql94");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2356-1.NASL
    descriptionThis update for postgresql96 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: https://www.postgresql.org/docs/9.6/static/release-9-6-4 .html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id102974
    published2017-09-06
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102974
    titleSUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:2356-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2017:2356-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(102974);
      script_version("3.10");
      script_cvs_date("Date: 2019/09/11 11:22:16");
    
      script_cve_id("CVE-2017-7546", "CVE-2017-7547", "CVE-2017-7548");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:2356-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for postgresql96 fixes the following issues :
    
      - CVE-2017-7547: Further restrict visibility of
        pg_user_mappings.umoptions, to protect passwords stored
        as user mapping options. (bsc#1051685)
    
      - CVE-2017-7546: Disallow empty passwords in all
        password-based authentication methods. (bsc#1051684)
    
      - CVE-2017-7548: lo_put() function ignores ACLs.
        (bsc#1053259) The changelog for this release is here:
        https://www.postgresql.org/docs/9.6/static/release-9-6-4
        .html
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051684"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051685"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1053259"
      );
      # https://www.postgresql.org/docs/9.6/static/release-9-6-4.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.postgresql.org/docs/9.6/release-9-6-4.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7546/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7547/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-7548/"
      );
      # https://www.suse.com/support/update/announcement/2017/suse-su-20172356-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7e8dc195"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE OpenStack Cloud 6:zypper in -t patch
    SUSE-OpenStack-Cloud-6-2017-1461=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
    patch SUSE-SLE-SDK-12-SP3-2017-1461=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
    patch SUSE-SLE-SDK-12-SP2-2017-1461=1
    
    SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
    SUSE-SLE-SAP-12-SP1-2017-1461=1
    
    SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
    SUSE-SLE-SAP-12-2017-1461=1
    
    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
    patch SUSE-SLE-RPI-12-SP2-2017-1461=1
    
    SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
    SUSE-SLE-SERVER-12-SP3-2017-1461=1
    
    SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
    SUSE-SLE-SERVER-12-SP2-2017-1461=1
    
    SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2017-1461=1
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2017-1461=1
    
    SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP3-2017-1461=1
    
    SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP2-2017-1461=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libecpg6-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpq5-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-contrib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-contrib-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-libs-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:postgresql96-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/08/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0|1|2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0/1/2/3", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2/3", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-server-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-server-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-server-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-contrib-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-contrib-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-server-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"postgresql96-server-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libecpg6-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libecpg6-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-debuginfo-32bit-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"libpq5-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-debuginfo-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-debugsource-9.6.4-3.6.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"postgresql96-libs-debugsource-9.6.4-3.6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql96");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3936.NASL
    descriptionSeveral vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The lo_put() function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/
    last seen2020-06-01
    modified2020-06-02
    plugin id102443
    published2017-08-14
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102443
    titleDebian DSA-3936-1 : postgresql-9.6 - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2017-D9CAC37BD8.NASL
    descriptionrebase: update to 9.6.4, security fix for CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Per release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-4.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2017-08-15
    plugin id102490
    published2017-08-15
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102490
    titleFedora 26 : postgresql (2017-d9cac37bd8)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-1020.NASL
    descriptionThis update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2017-09-13
    plugin id103156
    published2017-09-13
    reporterThis script is Copyright (C) 2017-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/103156
    titleopenSUSE Security Update : postgresql94 (openSUSE-2017-1020)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2017-9148FE36B9.NASL
    descriptionrebase: update to 9.5.8, security fix for CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Per release notes: http://www.postgresql.org/docs/9.5/static/release-9-5-8.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2017-08-30
    plugin id102828
    published2017-08-30
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102828
    titleFedora 25 : postgresql (2017-9148fe36b9)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-1021.NASL
    descriptionThis update for postgresql96 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) The changelog for this release is here: &#9;https://www.postgresql.org/docs/9.6/static/release-9-6-4.html This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2017-09-13
    plugin id103157
    published2017-09-13
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/103157
    titleopenSUSE Security Update : postgresql96 (openSUSE-2017-1021)
  • NASL familyDatabases
    NASL idPOSTGRESQL_20170810.NASL
    descriptionThe version of PostgreSQL installed on the remote host is 9.2.x prior to 9.2.22, 9.3.x prior to 9.3.18, 9.4.x prior to 9.4.13, 9.5.x prior to 9.5.8, or 9.6.x prior to 9.6.4. It is, therefore, affected by multiple vulnerabilities : - An authentication bypass flaw exists in that an empty password is accepted in some authentication methods. (CVE-2017-7546) - An information disclosure vulnerability exists in the
    last seen2020-06-01
    modified2020-06-02
    plugin id102527
    published2017-08-16
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102527
    titlePostgreSQL 9.2.x < 9.2.22 / 9.3.x < 9.3.18 / 9.4.x < 9.4.13 / 9.5.x < 9.5.8 / 9.6.x < 9.6.4 Multiple Vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2017-885.NASL
    descriptionpg_user_mappings view discloses passwords to users lacking server privileges : An authorization flaw was found in the way PostgreSQL handled access to the pg_user_mappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so. (CVE-2017-7547) Empty password accepted in some authentication methods : It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq
    last seen2020-06-01
    modified2020-06-02
    plugin id102873
    published2017-09-01
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/102873
    titleAmazon Linux AMI : postgresql94 / postgresql95 (ALAS-2017-885)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201710-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201710-06 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the referenced CVE identifiers for details. Impact : A remote attacker could escalate privileges, cause a Denial of Service condition, obtain passwords, cause a loss in information, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id103724
    published2017-10-09
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/103724
    titleGLSA-201710-06 : PostgreSQL: Multiple vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3390-1.NASL
    descriptionBen de Graaff, Jelte Fennema, and Jeroen van der Ham discovered that PostgreSQL allowed the use of empty passwords in some authentication methods, contrary to expected behaviour. A remote attacker could use an empty password to authenticate to servers that were believed to have password login disabled. (CVE-2017-7546) Jeff Janes discovered that PostgreSQL incorrectly handled the pg_user_mappings catalog view. A remote attacker without server privileges could possibly use this issue to obtain certain passwords. (CVE-2017-7547) Chapman Flack discovered that PostgreSQL incorrectly handled lo_put() permissions. A remote attacker could possibly use this issue to change the data in a large object. (CVE-2017-7548). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id102522
    published2017-08-16
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102522
    titleUbuntu 14.04 LTS / 16.04 LTS / 17.04 : postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerabilities (USN-3390-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2017-2355-1.NASL
    descriptionThis update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. (bsc#1051685) - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. (bsc#1051684) - CVE-2017-7548: lo_put() function ignores ACLs. (bsc#1053259) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id102973
    published2017-09-06
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102973
    titleSUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2017:2355-1)

Redhat

advisories
  • rhsa
    idRHSA-2017:2677
  • rhsa
    idRHSA-2017:2678
rpms
  • rh-postgresql95-postgresql-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-contrib-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-contrib-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-debuginfo-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-debuginfo-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-devel-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-devel-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-docs-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-docs-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-libs-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-libs-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-plperl-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-plperl-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-plpython-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-plpython-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-pltcl-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-pltcl-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-server-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-server-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-static-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-static-0:9.5.9-1.el7
  • rh-postgresql95-postgresql-test-0:9.5.9-1.el6
  • rh-postgresql95-postgresql-test-0:9.5.9-1.el7
  • rh-postgresql94-postgresql-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-contrib-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-contrib-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-debuginfo-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-debuginfo-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-devel-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-devel-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-docs-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-docs-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-libs-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-libs-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-plperl-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-plperl-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-plpython-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-plpython-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-pltcl-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-pltcl-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-server-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-server-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-static-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-static-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-test-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-test-0:9.4.14-1.el7
  • rh-postgresql94-postgresql-upgrade-0:9.4.14-1.el6
  • rh-postgresql94-postgresql-upgrade-0:9.4.14-1.el7