Описание
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| postgresql-9.6 | fixed | 9.6.4-1 | package | |
| postgresql-9.4 | removed | package | ||
| postgresql-9.1 | removed | package | ||
| postgresql-9.1 | not-affected | jessie | package | |
| postgresql-9.1 | not-affected | wheezy | package | |
| postgresql-8.4 | removed | package | ||
| postgresql-8.4 | not-affected | wheezy | package |
Примечания
https://www.postgresql.org/about/news/1772/
Связанные уязвимости
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
Уязвимость системы управления базами данных PostgreSQL, вызванная недостатками авторизации, позволяющая нарушителю вызвать отказ системы