Description
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
Remediation
References
Related Vulnerabilities
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-47927)
Apache HTTP Server Other Vulnerability (CVE-2005-2728)
WordPress Plugin NextGEN Gallery-WordPress Gallery Remote Code Execution (2.1.59)
PHP HTML entity encoder heap overflow vulnerability
WordPress Plugin WebEngage Feedback, Survey and Notification Cross-Site Scripting (2.0.0)