ID CVE-2013-1900
Summary PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."
References
Vulnerable Configurations
  • PostgreSQL 9.2
    cpe:2.3:a:postgresql:postgresql:9.2
  • PostgreSQL 9.2.1
    cpe:2.3:a:postgresql:postgresql:9.2.1
  • PostgreSQL 9.2.2
    cpe:2.3:a:postgresql:postgresql:9.2.2
  • PostgreSQL PostgreSQL 9.2.3
    cpe:2.3:a:postgresql:postgresql:9.2.3
  • PostgreSQL 9.1
    cpe:2.3:a:postgresql:postgresql:9.1
  • PostgreSQL 9.1.1
    cpe:2.3:a:postgresql:postgresql:9.1.1
  • PostgreSQL 9.1.2
    cpe:2.3:a:postgresql:postgresql:9.1.2
  • PostgreSQL 9.1.3
    cpe:2.3:a:postgresql:postgresql:9.1.3
  • PostgreSQL 9.1.4
    cpe:2.3:a:postgresql:postgresql:9.1.4
  • PostgreSQL 9.1.5
    cpe:2.3:a:postgresql:postgresql:9.1.5
  • PostgreSQL 9.1.6
    cpe:2.3:a:postgresql:postgresql:9.1.6
  • PostgreSQL 9.1.7
    cpe:2.3:a:postgresql:postgresql:9.1.7
  • PostgreSQL 9.1.8
    cpe:2.3:a:postgresql:postgresql:9.1.8
  • PostgreSQL 9.0
    cpe:2.3:a:postgresql:postgresql:9.0
  • PostgreSQL 9.0.1
    cpe:2.3:a:postgresql:postgresql:9.0.1
  • PostgreSQL 9.0.2
    cpe:2.3:a:postgresql:postgresql:9.0.2
  • PostgreSQL 9.0.3
    cpe:2.3:a:postgresql:postgresql:9.0.3
  • PostgreSQL 9.0.4
    cpe:2.3:a:postgresql:postgresql:9.0.4
  • PostgreSQL 9.0.5
    cpe:2.3:a:postgresql:postgresql:9.0.5
  • PostgreSQL 9.0.6
    cpe:2.3:a:postgresql:postgresql:9.0.6
  • PostgreSQL 9.0.7
    cpe:2.3:a:postgresql:postgresql:9.0.7
  • PostgreSQL 9.0.8
    cpe:2.3:a:postgresql:postgresql:9.0.8
  • PostgreSQL 9.0.9
    cpe:2.3:a:postgresql:postgresql:9.0.9
  • PostgreSQL 9.0.10
    cpe:2.3:a:postgresql:postgresql:9.0.10
  • PostgreSQL 9.0.11
    cpe:2.3:a:postgresql:postgresql:9.0.11
  • PostgreSQL 9.0.12
    cpe:2.3:a:postgresql:postgresql:9.0.12
  • PostgreSQL 8.4
    cpe:2.3:a:postgresql:postgresql:8.4
  • PostgreSQL 8.4.1
    cpe:2.3:a:postgresql:postgresql:8.4.1
  • PostgreSQL 8.4.2
    cpe:2.3:a:postgresql:postgresql:8.4.2
  • PostgreSQL 8.4.3
    cpe:2.3:a:postgresql:postgresql:8.4.3
  • PostgreSQL 8.4.4
    cpe:2.3:a:postgresql:postgresql:8.4.4
  • PostgreSQL 8.4.5
    cpe:2.3:a:postgresql:postgresql:8.4.5
  • PostgreSQL 8.4.6
    cpe:2.3:a:postgresql:postgresql:8.4.6
  • PostgreSQL 8.4.7
    cpe:2.3:a:postgresql:postgresql:8.4.7
  • PostgreSQL 8.4.8
    cpe:2.3:a:postgresql:postgresql:8.4.8
  • PostgreSQL 8.4.9
    cpe:2.3:a:postgresql:postgresql:8.4.9
  • PostgreSQL 8.4.10
    cpe:2.3:a:postgresql:postgresql:8.4.10
  • PostgreSQL 8.4.11
    cpe:2.3:a:postgresql:postgresql:8.4.11
  • PostgreSQL 8.4.12
    cpe:2.3:a:postgresql:postgresql:8.4.12
  • PostgreSQL 8.4.13
    cpe:2.3:a:postgresql:postgresql:8.4.13
  • PostgreSQL 8.4.14
    cpe:2.3:a:postgresql:postgresql:8.4.14
  • PostgreSQL 8.4.15
    cpe:2.3:a:postgresql:postgresql:8.4.15
  • PostgreSQL 8.4.16
    cpe:2.3:a:postgresql:postgresql:8.4.16
  • Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts
  • Canonical Ubuntu Linux 10.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts
  • Canonical Ubuntu Linux 11.10
    cpe:2.3:o:canonical:ubuntu_linux:11.10
  • Canonical Ubuntu Linux 12.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts
  • Canonical Ubuntu Linux 12.10
    cpe:2.3:o:canonical:ubuntu_linux:12.10
CVSS
Base: 8.5 (as of 04-04-2013 - 14:26)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SERVER_2_2_2.NASL
    description The remote Mac OS X 10.8 host has a version of OS X Server installed that is prior to 2.2.2. It is, therefore, affected by the following vulnerabilities : - Two vulnerabilities exist in the included ClamAV software, the most serious of which could allow an attacker to execute arbitrary code remotely. (CVE-2013-2020 / CVE-2013-2021) - Three vulnerabilities exist in the included PostgreSQL software, the most serious of which could result in data corruption or privilege escalation. (CVE-2013-1899 / CVE-2013-1900 / CVE-2013-1901) - Multiple cross-site scripting issues exist in the included Wiki Server software (CVE-2013-1034)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69932
    published 2013-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69932
    title Mac OS X : OS X Server < 2.2.2 Multiple Vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_3F332F169B6B11E28FE908002798F6FF.NASL
    description PostgreSQL project reports : The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. All users of the affected versions are strongly urged to apply the update *immediately*. A major security issue (for versions 9.x only) fixed in this release, [CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013 -1899), makes it possible for a connection request containing a database name that begins with '-' to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center. Two lesser security fixes are also included in this release : [CVE-2013-1900](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013 -1900), wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess (all versions), and [CVE-2013-1901](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013 -1901), which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups (for versions 9.x only).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65841
    published 2013-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65841
    title FreeBSD : PostgreSQL -- anonymous remote access data corruption vulnerability (3f332f16-9b6b-11e2-8fe9-08002798f6ff)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2657.NASL
    description A vulnerability was discovered in PostgreSQL database server. Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 65812
    published 2013-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65812
    title Debian DSA-2657-1 : postgresql-8.4 - guessable random numbers
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-15 (PostgreSQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker may be able to create a Denial of Service condition, bypass security restrictions, or have other unspecified impact. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77459
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77459
    title GLSA-201408-15 : PostgreSQL: Multiple vulnerabilities
  • NASL family Databases
    NASL id POSTGRESQL_CVE20131900.NASL
    description The version of PostgreSQL installed on the remote host is 8.4.x prior to 8.4.17, 9.0.x prior to 9.0.13, 9.1.x prior to 9.1.9, or 9.2.x prior to 9.2.4. As such, it is potentially affected by an issue where random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 65856
    published 2013-04-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65856
    title PostgreSQL 8.4 < 8.4.17 / 9.0 < 9.0.13 / 9.1 < 9.1.9 / 9.2 < 9.2.4 Predictable Random Number Generator
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1789-1.NASL
    description Mitsumasa Kondo and Kyotaro Horiguchi discovered that PostgreSQL incorrectly handled certain connection requests containing database names starting with a dash. A remote attacker could use this flaw to damage or destroy files within a server's data directory. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2013-1899) Marko Kreen discovered that PostgreSQL incorrectly generated random numbers. An authenticated attacker could use this flaw to possibly guess another database user's random numbers. (CVE-2013-1900) Noah Misch discovered that PostgreSQL incorrectly handled certain privilege checks. An unprivileged attacker could use this flaw to possibly interfere with in-progress backups. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2013-1901). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 65818
    published 2013-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65818
    title Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1789-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-6148.NASL
    description - Update to PostgreSQL 9.2.4, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-4. html including the fixes for CVE-2013-1899, CVE-2013-1900, CVE-2013-1901 - fix build for aarch64 and ppc64p7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 66168
    published 2013-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66168
    title Fedora 19 : postgresql-9.2.4-1.fc19 (2013-6148)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-142.NASL
    description Multiple vulnerabilities has been discovered and corrected in postgresql : PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read (CVE-2013-0255). Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a - (hyphen) (CVE-2013-1899). PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the contrib/pgcrypto functions. (CVE-2013-1900). PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions (CVE-2013-1901). This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 66154
    published 2013-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66154
    title Mandriva Linux Security Advisory : postgresql (MDVSA-2013:142)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-5000.NASL
    description - Update to PostgreSQL 9.1.9, for various fixes described at http://www.postgresql.org/docs/9.1/static/release-9-1-9. html including the fixes for CVE-2013-1899, CVE-2013-1900, CVE-2013-1901 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 65828
    published 2013-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65828
    title Fedora 17 : postgresql-9.1.9-1.fc17 (2013-5000)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-4951.NASL
    description - Update to PostgreSQL 9.2.4, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-4. html including the fixes for CVE-2013-1899, CVE-2013-1900, CVE-2013-1901 - fix build for aarch64 and ppc64p7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 65827
    published 2013-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65827
    title Fedora 18 : postgresql-9.2.4-1.fc18 (2013-4951)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBECPG6-130402.NASL
    description This update to version 9.1.9 fixes : - Fix insecure parsing of server command-line switches. (CVE-2013-1899) - Reset OpenSSL randomness state in each postmaster child process. (CVE-2013-1900) - Make REPLICATION privilege checks test current user not authenticated user. (CVE-2013-1901)
    last seen 2019-02-21
    modified 2015-01-13
    plugin id 65829
    published 2013-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65829
    title SuSE 11.2 Security Update : PostgreSQL (SAT Patch Number 7585)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-307.NASL
    description postgresql was updated to version 9.1.9 (bnc#812525) : - CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with '-' could be crafted to damage or destroy files within the server's data directory, even if the request is eventually rejected. - CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. This avoids a scenario wherein random numbers generated by 'contrib/pgcrypto' functions might be relatively easy for another database user to guess. The risk is only significant when the postmaster is configured with ssl = on but most connections don't use SSL encryption. - CVE-2013-1901: Make REPLICATION privilege checks test current user not authenticated user. An unprivileged database user could exploit this mistake to call pg_start_backup() or pg_stop_backup(), thus possibly interfering with creation of routine backups. - See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.1/static/release-9-1-9. html /usr/share/doc/packages/postgresql91/HISTORY
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 74963
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74963
    title openSUSE Security Update : postgresql91 (openSUSE-SU-2013:0627-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-178.NASL
    description Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a '-' (hyphen). PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions. PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the 'contrib/pgcrypto functions.'
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69737
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69737
    title Amazon Linux AMI : postgresql9 (ALAS-2013-178)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2013-004.NASL
    description The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-004 applied. This update contains several security-related fixes for the following component : - Apache - Bind - Certificate Trust Policy - ClamAV - Installer - IPSec - Mobile Device Management - OpenSSL - PHP - PostgreSQL - QuickTime - sudo Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69878
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69878
    title Mac OS X Multiple Vulnerabilities (Security Update 2013-004)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131029_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL
    description An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900) These updated packages upgrade PostgreSQL to version 8.4.18, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release-8-4-18.html After installing this update, it is advisable to rebuild, using the REINDEX command, Generalized Search Tree (GiST) indexes that meet one or more of the following conditions : - GiST indexes on box, polygon, circle, or point columns - GiST indexes for variable-width data types, that is text, bytea, bit, and numeric - GiST multi-column indexes If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 70705
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70705
    title Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1475.NASL
    description Updated postgresql and postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Sumit Soni via Secunia SVCRP as the original reporter of CVE-2013-0255, and Marko Kreen as the original reporter of CVE-2013-1900. These updated packages upgrade PostgreSQL to version 8.4.18, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release-8-4-18.html After installing this update, it is advisable to rebuild, using the REINDEX command, Generalized Search Tree (GiST) indexes that meet one or more of the following conditions : * GiST indexes on box, polygon, circle, or point columns * GiST indexes for variable-width data types, that is text, bytea, bit, and numeric * GiST multi-column indexes All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 70696
    published 2013-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70696
    title RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2013:1475)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_5.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.5. The newer version contains multiple security-related fixes for the following components : - Apache - Bind - Certificate Trust Policy - CoreGraphics - ImageIO - Installer - IPSec - Kernel - Mobile Device Management - OpenSSL - PHP - PostgreSQL - Power Management - QuickTime - Screen Lock - sudo This update also addresses an issue in which certain Unicode strings could cause applications to unexpectedly quit. Note that successful exploitation of the most serious issues could result in arbitrary code execution.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 69877
    published 2013-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69877
    title Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1475.NASL
    description Updated postgresql and postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Sumit Soni via Secunia SVCRP as the original reporter of CVE-2013-0255, and Marko Kreen as the original reporter of CVE-2013-1900. These updated packages upgrade PostgreSQL to version 8.4.18, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release-8-4-18.html After installing this update, it is advisable to rebuild, using the REINDEX command, Generalized Search Tree (GiST) indexes that meet one or more of the following conditions : * GiST indexes on box, polygon, circle, or point columns * GiST indexes for variable-width data types, that is text, bytea, bit, and numeric * GiST multi-column indexes All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70687
    published 2013-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70687
    title CentOS 5 / 6 : postgresql / postgresql84 (CESA-2013:1475)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1475.NASL
    description From Red Hat Security Advisory 2013:1475 : Updated postgresql and postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. PostgreSQL is an advanced object-relational database management system (DBMS). An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900) Red Hat would like to thank the PostgreSQL project for reporting these issues. Upstream acknowledges Sumit Soni via Secunia SVCRP as the original reporter of CVE-2013-0255, and Marko Kreen as the original reporter of CVE-2013-1900. These updated packages upgrade PostgreSQL to version 8.4.18, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes : http://www.postgresql.org/docs/8.4/static/release-8-4-18.html After installing this update, it is advisable to rebuild, using the REINDEX command, Generalized Search Tree (GiST) indexes that meet one or more of the following conditions : * GiST indexes on box, polygon, circle, or point columns * GiST indexes for variable-width data types, that is text, bytea, bit, and numeric * GiST multi-column indexes All PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.
    last seen 2019-02-21
    modified 2018-09-05
    plugin id 70692
    published 2013-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70692
    title Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2013-1475)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-244.NASL
    description An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 70906
    published 2013-11-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70906
    title Amazon Linux AMI : postgresql8 (ALAS-2013-244)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-306.NASL
    description postgresql was updated to version 9.2.4 (bnc#812525) : - CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with '-' could be crafted to damage or destroy files within the server's data directory, even if the request is eventually rejected. - CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. This avoids a scenario wherein random numbers generated by 'contrib/pgcrypto' functions might be relatively easy for another database user to guess. The risk is only significant when the postmaster is configured with ssl = on but most connections don't use SSL encryption. - CVE-2013-1901: Make REPLICATION privilege checks test current user not authenticated user. An unprivileged database user could exploit this mistake to call pg_start_backup() or pg_stop_backup(), thus possibly interfering with creation of routine backups. - See the release notes for the rest of the changes: http://www.postgresql.org/docs/9.2/static/release-9-2-4. html /usr/share/doc/packages/postgresql92/HISTORY
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 74962
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74962
    title openSUSE Security Update : postgresql92 (openSUSE-SU-2013:0628-1)
redhat via4
advisories
bugzilla
id 929255
title CVE-2013-1900 postgresql: Improper randomization of pgcrypto functions (requiring random seed)
oval
OR
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment postgresql is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475005
        • comment postgresql is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908006
      • AND
        • comment postgresql-contrib is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475019
        • comment postgresql-contrib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908014
      • AND
        • comment postgresql-devel is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475023
        • comment postgresql-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908010
      • AND
        • comment postgresql-docs is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475009
        • comment postgresql-docs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908016
      • AND
        • comment postgresql-libs is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475021
        • comment postgresql-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908024
      • AND
        • comment postgresql-plperl is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475017
        • comment postgresql-plperl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908022
      • AND
        • comment postgresql-plpython is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475013
        • comment postgresql-plpython is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908018
      • AND
        • comment postgresql-pltcl is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475007
        • comment postgresql-pltcl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908020
      • AND
        • comment postgresql-server is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475015
        • comment postgresql-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908012
      • AND
        • comment postgresql-test is earlier than 0:8.4.18-1.el6_4
          oval oval:com.redhat.rhsa:tst:20131475011
        • comment postgresql-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100908008
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment postgresql84 is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475026
        • comment postgresql84 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430003
      • AND
        • comment postgresql84-contrib is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475048
        • comment postgresql84-contrib is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430023
      • AND
        • comment postgresql84-devel is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475036
        • comment postgresql84-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430017
      • AND
        • comment postgresql84-docs is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475038
        • comment postgresql84-docs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430011
      • AND
        • comment postgresql84-libs is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475030
        • comment postgresql84-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430013
      • AND
        • comment postgresql84-plperl is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475046
        • comment postgresql84-plperl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430005
      • AND
        • comment postgresql84-plpython is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475040
        • comment postgresql84-plpython is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430019
      • AND
        • comment postgresql84-pltcl is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475028
        • comment postgresql84-pltcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430015
      • AND
        • comment postgresql84-python is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475034
        • comment postgresql84-python is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430025
      • AND
        • comment postgresql84-server is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475042
        • comment postgresql84-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430007
      • AND
        • comment postgresql84-tcl is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475032
        • comment postgresql84-tcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430009
      • AND
        • comment postgresql84-test is earlier than 0:8.4.18-1.el5_10
          oval oval:com.redhat.rhsa:tst:20131475044
        • comment postgresql84-test is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20100430021
rhsa
id RHSA-2013:1475
released 2013-10-29
severity Moderate
title RHSA-2013:1475: postgresql and postgresql84 security update (Moderate)
rpms
  • postgresql-0:8.4.18-1.el6_4
  • postgresql-contrib-0:8.4.18-1.el6_4
  • postgresql-devel-0:8.4.18-1.el6_4
  • postgresql-docs-0:8.4.18-1.el6_4
  • postgresql-libs-0:8.4.18-1.el6_4
  • postgresql-plperl-0:8.4.18-1.el6_4
  • postgresql-plpython-0:8.4.18-1.el6_4
  • postgresql-pltcl-0:8.4.18-1.el6_4
  • postgresql-server-0:8.4.18-1.el6_4
  • postgresql-test-0:8.4.18-1.el6_4
  • postgresql84-0:8.4.18-1.el5_10
  • postgresql84-contrib-0:8.4.18-1.el5_10
  • postgresql84-devel-0:8.4.18-1.el5_10
  • postgresql84-docs-0:8.4.18-1.el5_10
  • postgresql84-libs-0:8.4.18-1.el5_10
  • postgresql84-plperl-0:8.4.18-1.el5_10
  • postgresql84-plpython-0:8.4.18-1.el5_10
  • postgresql84-pltcl-0:8.4.18-1.el5_10
  • postgresql84-python-0:8.4.18-1.el5_10
  • postgresql84-server-0:8.4.18-1.el5_10
  • postgresql84-tcl-0:8.4.18-1.el5_10
  • postgresql84-test-0:8.4.18-1.el5_10
refmap via4
apple
  • APPLE-SA-2013-09-12-1
  • APPLE-SA-2013-09-17-1
confirm
debian
  • DSA-2657
  • DSA-2658
fedora
  • FEDORA-2013-5000
  • FEDORA-2013-6148
mandriva MDVSA-2013:142
suse
  • SUSE-SU-2013:0633
  • openSUSE-SU-2013:0627
  • openSUSE-SU-2013:0628
  • openSUSE-SU-2013:0635
ubuntu USN-1789-1
vmware via4
description VMware vFabric Postgres has been updated to resolve several security issues that were found to be present in Postgres.
id VMSA-2013-0005
last_updated 2013-04-04T00:00:00
published 2013-04-04T00:00:00
title VMware vFabric Postgres security vulnerabilities
Last major update 03-01-2014 - 23:46
Published 04-04-2013 - 13:55
Last modified 19-10-2017 - 21:29
Back to Top