Download
| Alert*
oval:org.secpod.oval:def:203771
PostgreSQL is an advanced object-relational database management system . A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered ... oval:org.secpod.oval:def:33655 The host is installed with PostgreSQL 9.3.x before 9.3.10 and 9.4.x before 9.4.5 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails due to unspecified vectors, which are not properly handled in (1) json or (2) jsonb values. Suc ... oval:org.secpod.oval:def:504922 PostgreSQL is an advanced object-relational database management system . A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered ... oval:org.secpod.oval:def:89045165 An update that fixes two vulnerabilities is now available. Description: This update of postgresql94 to 9.4.5 fixes the following issues: * CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service (bsc#949 ... oval:org.secpod.oval:def:504827 PostgreSQL is an advanced object-relational database management system . A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered ... oval:org.secpod.oval:def:30208 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database PostgreSQL could be made to crash or expose private information if it handled specially crafted data. oval:org.secpod.oval:def:109765 PostgreSQL is an advanced Object-Relational database management system . The base postgresql package contains the client programs that you"ll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the P ... oval:org.secpod.oval:def:602248 Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. CVE-2015-5288 Josh Kupershmidt discovered a vulnerability in the crypt function in the pgCrypto extension. Certain invalid salt arguments can cause the server to crash or to disclose a few bytes of server memory. CVE-2 ... oval:org.secpod.oval:def:52160 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database PostgreSQL could be made to crash or expose private information if it handled specially crafted data. oval:org.secpod.oval:def:1200180 Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service via unspecified vectors, which are not properly handled in json or jsonb values. The crypt function in contrib/pgcrypto in PostgreSQL ... oval:org.secpod.oval:def:89045169 This update for postgresql94 fixes the following issues: - Security and bugfix release 9.4.6: * *** IMPORTANT *** Users of version 9.4 will need to reindex any jsonb_path_ops indexes they have created, in order to fix a persistent issue with missing index entries. * Fix infinite loops and buffer-ove ... oval:org.secpod.oval:def:501701 PostgreSQL is an advanced object-relational database management system . A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. A stack overflow flaw was discovered ... oval:org.secpod.oval:def:1501248 The remote host is missing a patch containing a security fix, which affects the following package(s): postgresql |