Описание
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
Отчет
Not vulnerable. This issue did not affect postgresql packages as shipped with Red Hat Enterprise Linux and Red Hat Software Collections. Refer to bug 1065863 for further details: https://bugzilla.redhat.com/show_bug.cgi?id=1065863
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | postgresql | Will not fix | ||
| Red Hat Enterprise Linux 5 | postgresql84 | Will not fix | ||
| Red Hat Enterprise Linux 6 | postgresql | Will not fix | ||
| Red Hat Software Collections | postgresql92-postgresql | Will not fix |
Показывать по
Дополнительная информация
Статус:
4.6 Medium
CVSS2
Связанные уязвимости
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
The "make check" command for the test suites in PostgreSQL 9.3.3 and e ...
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
4.6 Medium
CVSS2