Описание
An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_reload_conf access, or a user with sufficient privileges at the OS level (the postgres account or the root account).
Ссылки
- ExploitMailing ListVendor Advisory
- Mailing List
- Product
- ExploitMailing ListVendor Advisory
- Mailing List
- Product
Уязвимые конфигурации
EPSS
4.4 Medium
CVSS3
Дефекты
Связанные уязвимости
** DISPUTED ** An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_reload_conf access, or a user with sufficient privileges at the OS level (the postgres account or the root account).
An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_reload_conf access, or a user with sufficient privileges at the OS level (the postgres account or the root account).
An issue was discovered in PostgreSQL 12.2 allows attackers to cause a ...
An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals.
Уязвимость обработчика сигнала HUP (SIGHUP) системы управления базами данных PostgreSQL, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.4 Medium
CVSS3