Summary
This host is installed with PostgreSQL and is prone to multiple integer overflow vulnerabilities.
Impact
Successful exploitation may allow an attacker to gain elevated privileges.
Impact Level: System/Application
Solution
Upgrade to version 9.3.3, 9.2.7, 9.1.12, and 9.0.16, or higher, For updates refer to http://www.postgresql.org/download
Insight
Flaw is due to an unspecified user-supplied input which is not properly validated.
Affected
PostgreSQL version before 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-2669 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- IBM solidDB 'SELECT' Statement Denial Of Service Vulnerability
- PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability
- IBM DB2 db2pd Denial Of Service Vulnerability (Linux)
- IBM DB2 OLAP Specification Query Denial of Service Vulnerability
- Oracle Database Server Authentication Protocol Security Bypass Vulnerability