nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2013-306.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : postgresql92 (openSUSE-SU-2013:0628-1)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

EPSS

0.971

Percentile

99.8%

postgresql was updated to version 9.2.4 (bnc#812525) :

  • CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with '-' could be crafted to damage or destroy files within the server's data directory, even if the request is eventually rejected.

  • CVE-2013-1900: Reset OpenSSL randomness state in each postmaster child process. This avoids a scenario wherein random numbers generated by 'contrib/pgcrypto' functions might be relatively easy for another database user to guess. The risk is only significant when the postmaster is configured with ssl = on but most connections don't use SSL encryption.

  • CVE-2013-1901: Make REPLICATION privilege checks test current user not authenticated user. An unprivileged database user could exploit this mistake to call pg_start_backup() or pg_stop_backup(), thus possibly interfering with creation of routine backups.

  • See the release notes for the rest of the changes:
    http://www.postgresql.org/docs/9.2/static/release-9-2-4.html
    /usr/share/doc/packages/postgresql92/HISTORY

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-306.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration pass: when `description` is set, the plugin only declares its
# metadata (ID, CVEs, text, CVSS vector, CPEs, dependencies) and leaves through
# the exit(0) at the end of this block, so none of the package checks run.
if (description)
{
  script_id(74962);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  # The three CVEs the advisory text below attributes to the 9.2.4 update.
  script_cve_id("CVE-2013-1899", "CVE-2013-1900", "CVE-2013-1901");

  script_name(english:"openSUSE Security Update : postgresql92 (openSUSE-SU-2013:0628-1)");
  script_summary(english:"Check for the openSUSE-2013-306 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  # Advisory text, hard-wrapped. The wrap splits the release-notes URL after
  # "release-9-2-4." so the link inside this string is not usable as written;
  # the first see_also attribute below carries the intact link.
  script_set_attribute(
    attribute:"description", 
    value:
"postgresql was updated to version 9.2.4 (bnc#812525) :

  - CVE-2013-1899: Fix insecure parsing of server
    command-line switches. A connection request containing a
    database name that begins with '-' could be crafted to
    damage or destroy files within the server's data
    directory, even if the request is eventually rejected.

  - CVE-2013-1900: Reset OpenSSL randomness state in each
    postmaster child process. This avoids a scenario wherein
    random numbers generated by 'contrib/pgcrypto' functions
    might be relatively easy for another database user to
    guess. The risk is only significant when the postmaster
    is configured with ssl = on but most connections don't
    use SSL encryption.

  - CVE-2013-1901: Make REPLICATION privilege checks test
    current user not authenticated user. An unprivileged
    database user could exploit this mistake to call
    pg_start_backup() or pg_stop_backup(), thus possibly
    interfering with creation of routine backups.

  - See the release notes for the rest of the changes:
    http://www.postgresql.org/docs/9.2/static/release-9-2-4.
    html /usr/share/doc/packages/postgresql92/HISTORY"
  );
  # http://www.postgresql.org/docs/9.2/static/release-9-2-4.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.postgresql.org/docs/9.2/release-9-2-4.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=812525"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-04/msg00045.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected postgresql92 packages."
  );
  # CVSS v2 base vector: network attack vector, medium complexity, a single
  # authentication, and complete confidentiality / integrity / availability
  # impact. One vector is recorded for the whole advisory; it is not broken
  # down per CVE here.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C");

  # "local": the finding is derived from data collected on the host (see the
  # required KB keys below), not from probing the PostgreSQL service.
  script_set_attribute(attribute:"plugin_type", value:"local");
  # One CPE per package name covered by this plugin, followed by the CPE of
  # the only OS release it applies to (openSUSE 12.3).
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libecpg6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libecpg6-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libecpg6-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libecpg6-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpq5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpq5-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpq5-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-contrib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-contrib-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-libs-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-plperl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-plperl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-plpython");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-plpython-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-pltcl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-pltcl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:postgresql92-server-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.3");

  # The vendor patch predates the plugin by more than a year (2013/04/05 vs
  # 2014/06/13).
  script_set_attribute(attribute:"patch_publication_date", value:"2013/04/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  # The check consumes KB entries (local-checks flag, SuSE release string, RPM
  # list, CPU architecture) and declares ssh_get_info.nasl as its dependency;
  # presumably that script populates them during a credentialed scan, which
  # would mean an uncredentialed scan cannot produce this finding (confirm).
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Preconditions. Each audit() call ends the plugin with the named reason, so
# the package comparison is only reached on an openSUSE 12.3 host with local
# checks enabled, a collected RPM list and a supported CPU architecture.
if (!get_kb_item("Host/local_checks_enabled"))
{
  audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
}

release = get_kb_item("Host/SuSE/release");

# No release string at all: not a SuSE-family host as far as the KB knows.
if (isnull(release))
{
  audit(AUDIT_OS_NOT, "openSUSE");
}
# SLED / SLES are handled by other plugins; this one is openSUSE only.
if (release =~ "^(SLED|SLES)")
{
  audit(AUDIT_OS_NOT, "openSUSE");
}
# The advisory applies to exactly one release.
if (release !~ "^(SUSE12\.3)$")
{
  audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.3", release);
}

# Without the RPM list there is nothing to compare package versions against.
if (!get_kb_item("Host/SuSE/rpm-list"))
{
  audit(AUDIT_PACKAGE_LIST_MISSING);
}

ourarch = get_kb_item("Host/cpu");
if (!ourarch)
{
  audit(AUDIT_UNKNOWN_ARCH);
}
if (ourarch !~ "^(i586|i686|x86_64)$")
{
  audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
}

# `flag` counts how many rpm_check() calls report an installed package that is
# older than the fixed build 9.2.4-1.8.1. The references are checked in the
# same order as the advisory lists them.
flag = 0;

# Fixed builds checked on every supported architecture.
fixed_refs = make_list(
  "libecpg6-9.2.4-1.8.1",
  "libecpg6-debuginfo-9.2.4-1.8.1",
  "libpq5-9.2.4-1.8.1",
  "libpq5-debuginfo-9.2.4-1.8.1",
  "postgresql92-9.2.4-1.8.1",
  "postgresql92-contrib-9.2.4-1.8.1",
  "postgresql92-contrib-debuginfo-9.2.4-1.8.1",
  "postgresql92-debuginfo-9.2.4-1.8.1",
  "postgresql92-debugsource-9.2.4-1.8.1",
  "postgresql92-devel-9.2.4-1.8.1",
  "postgresql92-devel-debuginfo-9.2.4-1.8.1",
  "postgresql92-libs-debugsource-9.2.4-1.8.1",
  "postgresql92-plperl-9.2.4-1.8.1",
  "postgresql92-plperl-debuginfo-9.2.4-1.8.1",
  "postgresql92-plpython-9.2.4-1.8.1",
  "postgresql92-plpython-debuginfo-9.2.4-1.8.1",
  "postgresql92-pltcl-9.2.4-1.8.1",
  "postgresql92-pltcl-debuginfo-9.2.4-1.8.1",
  "postgresql92-server-9.2.4-1.8.1",
  "postgresql92-server-debuginfo-9.2.4-1.8.1"
);

# 32-bit compatibility libraries, only checked for x86_64.
fixed_refs_32bit = make_list(
  "libecpg6-32bit-9.2.4-1.8.1",
  "libecpg6-debuginfo-32bit-9.2.4-1.8.1",
  "libpq5-32bit-9.2.4-1.8.1",
  "libpq5-debuginfo-32bit-9.2.4-1.8.1"
);

foreach pkg_ref (fixed_refs)
{
  if ( rpm_check(release:"SUSE12.3", reference:pkg_ref) ) flag++;
}

foreach pkg_ref (fixed_refs_32bit)
{
  if ( rpm_check(release:"SUSE12.3", cpu:"x86_64", reference:pkg_ref) ) flag++;
}

# Outcome. With no outdated package the plugin audits out, distinguishing
# "packages were tested and are current" from "postgresql92 is not installed".
# Otherwise it raises the finding, attaching the per-package report when the
# scan's report verbosity allows it.
#
# NOTE(review): the result is based on the installed RPM versions in the
# collected package list, not on the running postmaster. It presumably says
# nothing about whether the service was restarted after an update - confirm
# that separately when closing out the finding.
if (!flag)
{
  tested = pkg_tests_get();
  if (tested)
  {
    audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  }
  else
  {
    audit(AUDIT_PACKAGE_NOT_INSTALLED, "postgresql92");
  }
}
else
{
  if (report_verbosity > 0)
  {
    security_hole(port:0, extra:rpm_report_get());
  }
  else
  {
    security_hole(0);
  }
  exit(0);
}

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

EPSS

0.971

Percentile

99.8%