Описание
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-3165
- https://security.gentoo.org/glsa/201507-20
- https://support.apple.com/HT205219
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
- http://rhn.redhat.com/errata/RHSA-2015-1194.html
- http://rhn.redhat.com/errata/RHSA-2015-1195.html
- http://rhn.redhat.com/errata/RHSA-2015-1196.html
- http://www.debian.org/security/2015/dsa-3269
- http://www.debian.org/security/2015/dsa-3270
- http://www.postgresql.org/about/news/1587
- http://www.postgresql.org/docs/9.0/static/release-9-0-20.html
- http://www.postgresql.org/docs/9.1/static/release-9-1-16.html
- http://www.postgresql.org/docs/9.2/static/release-9-2-11.html
- http://www.postgresql.org/docs/9.3/static/release-9-3-7.html
- http://www.postgresql.org/docs/9.4/static/release-9-4-2.html
- http://www.securityfocus.com/bid/74787
- http://www.ubuntu.com/usn/USN-2621-1
EPSS
CVE ID
Связанные уязвимости
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9. ...
Уязвимость операционной системы Debian GNU\Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS