Описание
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
7.1 High
CVSS3
Дефекты
Связанные уязвимости
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.
When batch jobs are executed by pgAgent, a script is created in a temp ...
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create the directory and thus prevent pgAgent from executing jobs, disrupting scheduled tasks.
Уязвимость планировщика задач для PostgreSQL pgAgent, связанная с недостатками прогнозирования, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3
7.1 High
CVSS3