Ubuntu Update For Postgresql-9.1 USN-1461-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1461-1

Solution

Please Install the Updated Packages.

Insight

It was discovered that PostgreSQL incorrectly handled certain bytes passed to the crypt() function when using DES encryption. An attacker could use this flaw to incorrectly handle authentication. (CVE-2012-2143) It was discovered that PostgreSQL incorrectly handled SECURITY DEFINER and SET attributes on procedural call handlers. An attacker could use this flaw to cause PostgreSQL to crash, leading to a denial of service. (CVE-2012-2655)

Affected

postgresql-9.1 on Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 11.04 , Ubuntu 10.04 LTS , Ubuntu 8.04 LTS

Severity

Classification

CVE CVE-2012-2143, CVE-2012-2655
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for backuppc USN-1249-1
Ubuntu Update for curl USN-1894-1
Ubuntu Update for curl USN-2167-1
Ubuntu Update for clamav vulnerability USN-1076-1
Ubuntu Update for apt USN-1385-1

Ubuntu Update for postgresql-9.1 USN-1461-1

Take action and discover your vulnerabilities