Vulnerabilities > CVE-2018-1058
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Vulnerable Configurations
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0031_POSTGRESQL.NASL description An update of the postgresql package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121931 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121931 title Photon OS 2.0: Postgresql PHSA-2018-2.0-0031 NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-279.NASL description This update for postgresql95 fixes the following issues : Security issue fixed in PostgreSQL 9.5.12 : - CVE-2018-1058: Uncontrolled search path element in pg_dump and other client applications (boo#1081925). last seen 2020-06-05 modified 2018-03-19 plugin id 108443 published 2018-03-19 reporter This script is Copyright (C) 2018-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/108443 title openSUSE Security Update : postgresql95 (openSUSE-2018-279) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0755-1.NASL description This update for postgresql94 fixes the following issues: Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925). Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.4/static/release-9-4-17.html - https://www.postgresql.org/docs/9.4/static/release-9-4-16.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108530 published 2018-03-22 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108530 title SUSE SLES11 Security Update : postgresql94 (SUSE-SU-2018:0755-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0876-1.NASL description This update for postgresql94 fixes the following issues: Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925). Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.4/static/release-9-4-17.html - https://www.postgresql.org/docs/9.4/static/release-9-4-16.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108873 published 2018-04-06 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108873 title SUSE SLED12 / SLES12 Security Update : postgresql94 (SUSE-SU-2018:0876-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0756-1.NASL description This update for postgresql96 fixes the following issues: Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925). Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.6/static/release-9-6-8.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108531 published 2018-03-22 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108531 title SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:0756-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-340.NASL description This update for postgresql94 fixes the following issues : Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925). Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.4/static/release-9-4-17.html - https://www.postgresql.org/docs/9.4/static/release-9-4-16.html This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2018-04-10 plugin id 108932 published 2018-04-10 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108932 title openSUSE Security Update : postgresql94 (openSUSE-2018-340) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3589-1.NASL description It was discovered that PostgreSQL incorrectly handled certain settings. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 107192 published 2018-03-07 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107192 title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerability (USN-3589-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0122.NASL description An update of 'postgresql' packages of Photon OS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111926 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111926 title Photon OS 1.0: Postgresql PHSA-2018-1.0-0122 (deprecated) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-287.NASL description This update for postgresql96 fixes the following issues : Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925). Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.6/static/release-9-6-8.html This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2018-03-22 plugin id 108527 published 2018-03-22 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108527 title openSUSE Security Update : postgresql96 (openSUSE-2018-287) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0031.NASL description An update of {'postgresql'} packages of Photon OS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111294 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111294 title Photon OS 2.0 : postgresql (PhotonOS-PHSA-2018-2.0-0031) (deprecated) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_E3EEDA2E1D6711E8A2EC6CC21735F730.NASL description The PostgreSQL project reports : - CVE-2018-1058: Uncontrolled search path element in pg_dump and other client applications last seen 2020-06-01 modified 2020-06-02 plugin id 107112 published 2018-03-02 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107112 title FreeBSD : PostgreSQL vulnerabilities (e3eeda2e-1d67-11e8-a2ec-6cc21735f730) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-990.NASL description Uncontrolled search path element in pg_dump and other client applications A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. (CVE-2018-1058) last seen 2020-06-01 modified 2020-06-02 plugin id 108851 published 2018-04-06 reporter This script is Copyright (C) 2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/108851 title Amazon Linux AMI : postgresql93 / postgresql94,postgresql95,postgresql96 (ALAS-2018-990) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0122_POSTGRESQL.NASL description An update of the postgresql package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121817 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121817 title Photon OS 1.0: Postgresql PHSA-2018-1.0-0122 NASL family Databases NASL id POSTGRESQL_20180301.NASL description The version of PostgreSQL installed on the remote host is 9.3.x prior to 9.3.22, 9.4.x prior to 9.4.17, 9.5.x prior to 9.5.12, 9.6.x prior to 9.6.8, or 10.x prior to 10.3. It is, therefore, affected by a privilege escalation vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 107226 published 2018-03-08 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107226 title PostgreSQL 9.3.x < 9.3.22 / 9.4.x < 9.4.17 / 9.5.x < 9.5.12 / 9.6.x < 9.6.8 / 10.x < 10.3 Privilege Escalation Vulnerability
Redhat
advisories |
| ||||||||||||
rpms |
|
References
- http://www.securityfocus.com/bid/103221
- http://www.securityfocus.com/bid/103221
- https://access.redhat.com/errata/RHSA-2018:2511
- https://access.redhat.com/errata/RHSA-2018:2511
- https://access.redhat.com/errata/RHSA-2018:2566
- https://access.redhat.com/errata/RHSA-2018:2566
- https://access.redhat.com/errata/RHSA-2018:3816
- https://access.redhat.com/errata/RHSA-2018:3816
- https://bugzilla.redhat.com/show_bug.cgi?id=1547044
- https://bugzilla.redhat.com/show_bug.cgi?id=1547044
- https://usn.ubuntu.com/3589-1/
- https://usn.ubuntu.com/3589-1/
- https://www.postgresql.org/about/news/1834/
- https://www.postgresql.org/about/news/1834/