Mandrake Local Security Checks : Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831559

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)

Resumen: The remote host is missing an update for the 'postgresql8.3'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'postgresql8.3'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Multiple vulnerabilities has been discovered and corrected in
postgresql:

Permissions on a function called by a trigger are not properly checked
(CVE-2012-0866).

Line breaks in object names can be exploited to execute arbitrary
SQL when reloading a pg_dump file (CVE-2012-0868).

This advisory provides the latest version of PostgreSQL that is not
vulnerable to these issues.

Affected Software/OS:
postgresql8.3 on Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-0866
Debian Security Information: DSA-2418 (Google Search)
http://www.debian.org/security/2012/dsa-2418
http://www.mandriva.com/security/advisories?name=MDVSA-2012:026
http://www.mandriva.com/security/advisories?name=MDVSA-2012:027
http://www.mandriva.com/security/advisories?name=MDVSA-2012:092
RedHat Security Advisories: RHSA-2012:0677
http://rhn.redhat.com/errata/RHSA-2012-0677.html
RedHat Security Advisories: RHSA-2012:0678
http://rhn.redhat.com/errata/RHSA-2012-0678.html
http://secunia.com/advisories/49272
http://secunia.com/advisories/49273
SuSE Security Announcement: openSUSE-SU-2012:1173 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-0868

Copyright Copyright (c) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831559
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)
Resumen:	The remote host is missing an update for the 'postgresql8.3'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'postgresql8.3' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked (CVE-2012-0866). Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file (CVE-2012-0868). This advisory provides the latest version of PostgreSQL that is not vulnerable to these issues. Affected Software/OS: postgresql8.3 on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0866 Debian Security Information: DSA-2418 (Google Search) http://www.debian.org/security/2012/dsa-2418 http://www.mandriva.com/security/advisories?name=MDVSA-2012:026 http://www.mandriva.com/security/advisories?name=MDVSA-2012:027 http://www.mandriva.com/security/advisories?name=MDVSA-2012:092 RedHat Security Advisories: RHSA-2012:0677 http://rhn.redhat.com/errata/RHSA-2012-0677.html RedHat Security Advisories: RHSA-2012:0678 http://rhn.redhat.com/errata/RHSA-2012-0678.html http://secunia.com/advisories/49272 http://secunia.com/advisories/49273 SuSE Security Announcement: openSUSE-SU-2012:1173 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0868
Copyright	Copyright (c) 2012 Greenbone Networks GmbH