SB2018022307 - openSUSE update for postgresql95 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018022307

SB2018022307 - openSUSE update for postgresql95

Published: February 23, 2018 Updated: February 26, 2018

Security Bulletin ID SB2018022307
Severity
Low
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Data handling (CVE-ID: CVE-2017-15098)

The vulnerability allows a remote authenticated attacker to cause DoS condition or obtain potentially sensitive information on a targeted system.

The weakness exists due to improper data handling. A remote attacker can send specially crafted data to trigger a rowtype mismatch in json{b}_populate_recordset(), cause the application to crash or read arbitrary data.

2) Security restrictions bypass (CVE-ID: CVE-2017-15099)

The vulnerability allows a remote attacker to bypass security restrictions on a targeted system.

The weakness exists due to improper security restrictions in the case of an arbiter specified by constraint name. A remote attacker can submit specially crafted INSERT requests and bypass security controls on the update path of 'INSERT ... ON CONFLICT DO UPDATE' function to conduct further attacks.

3) Authentication bypass (CVE-ID: CVE-2017-7546)

The vulnerability allows a remote attacker to bypass authentication on the target system.

The weakness exists in the systems using libpq or a libpq-based connection driver to perform password-based authentication methods due to insufficient security restrictions. A remote attacker can submit an empty password to disable password login and log in to the system.

Successful exploitation of the vulnerability may result in unauthorized access to the system and further attacks.

4) Information disclosure (CVE-ID: CVE-2017-7547)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists in the pg_user_mappings function due to insufficient security restrictions. A remote attacker can gain access to important data and conduct further attacks.

5) Denial of service (CVE-ID: CVE-2017-7548)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to an access control flaw in the lo_put() function to change the data in a large object. A remote attacker can cause the application to crash.

6) Information disclosure (CVE-ID: CVE-2018-1053)

A vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to insufficient security restrictions. A remote attacker can gain access to sensitive information.

Remediation

Install update from vendor's website.

References