KLA10592
Denial of service vulnerability in PostgreSQL
Обновлено: 17/06/2019
Дата обнаружения
28/05/2015
Уровень угрозы
Warning
Описание

Multiple serious vulnerabilities have been found in PostgreSQL. Malicious users can exploit these vulnerabilities to cause denial of service or conduct some other impact.

Below is a complete list of vulnerabilities

  1. Double free vulnerability can be exploited remotely via SSL session manipulations;
  2. Multiple errors can be exploited remotely via vectors related to pgcrypto and other unknown vectors.
Пораженные продукты

PostgreSQL versions earlier than 9.0.20
PostgreSQL 9.1 versions earlier than 9.1.16
PostgreSQL 9.2 versions earlier than 9.2.11
PostgreSQL 9.3 versions earlier than 9.3.7
PostgreSQL 9.4 versions earlier than 9.4.2

Решение

Update to the latest version
Get PostgreSQL

Первичный источник обнаружения
PostrgeSQL blog entry
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
PostgreSQL
CVE-IDS
CVE-2015-31654.3Warning