Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-1900

Опубликовано: 04 апр. 2013
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
CloudForms Management Engine 5postgresqlWill not fix
Red Hat Enterprise Linux 5postgresqlWill not fix
CloudForms Management Engine 5.xcfmeFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xcfme-vnc-pluginFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xlibdnetFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xlshwFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xnetapp-manageability-sdkFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xopen-vm-toolsFixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xpostgresql92FixedRHEA-2013:148731.10.2013
CloudForms Management Engine 5.xpostgresql92-postgresqlFixedRHEA-2013:148731.10.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=929255postgresql: Improper randomization of pgcrypto functions (requiring random seed)

EPSS

Процентиль: 80%
0.01474
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-1900

ubuntu
больше 12 лет назад

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

nvd логотип

CVE-2013-1900

nvd
больше 12 лет назад

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

debian логотип

CVE-2013-1900

debian
больше 12 лет назад

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13 ...

github логотип

GHSA-wx2r-82wc-89gq

github
около 3 лет назад

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

oracle-oval логотип

ELSA-2013-1475

oracle-oval
почти 12 лет назад

ELSA-2013-1475: postgresql and postgresql84 security update (MODERATE)

EPSS

Процентиль: 80%
0.01474
Низкий

4.3 Medium

CVSS2

Уязвимость CVE-2013-1900