Download
| Alert*
|
oval:org.secpod.oval:def:33754
The host is installed with PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7 or 9.3.x before 9.3.3 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle vectors related to the (1) hstore_recv, (2) hstore_from_ ... oval:org.secpod.oval:def:601218 Various vulnerabilities were discovered in PostgreSQL: * Shore up GRANT ... WITH ADMIN OPTION restrictions Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. ... |
