Ubuntu Local Security Checks : Ubuntu Update for postgresql-9.4 USN-2894-1

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.842636

Categoría: Ubuntu Local Security Checks

Título: Ubuntu Update for postgresql-9.4 USN-2894-1

Resumen: The remote host is missing an update for the 'postgresql-9.4'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'postgresql-9.4'
package(s) announced via the referenced advisory.

Vulnerability Insight:
It was discovered that PostgreSQL incorrectly
handled certain regular expressions. A remote attacker could possibly use this
issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-0773)

It was discovered that PostgreSQL incorrectly handled certain configuration
settings (GUCS) for users of PL/Java. A remote attacker could possibly use
this issue to escalate privileges. (CVE-2016-0766)

Affected Software/OS:
postgresql-9.4 on Ubuntu 15.10,
Ubuntu 14.04 LTS,
Ubuntu 12.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-0773
BugTraq ID: 83184
http://www.securityfocus.com/bid/83184
Debian Security Information: DSA-3475 (Google Search)
http://www.debian.org/security/2016/dsa-3475
Debian Security Information: DSA-3476 (Google Search)
http://www.debian.org/security/2016/dsa-3476
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html
https://security.gentoo.org/glsa/201701-33
RedHat Security Advisories: RHSA-2016:1060
http://rhn.redhat.com/errata/RHSA-2016-1060.html
http://www.securitytracker.com/id/1035005
SuSE Security Announcement: SUSE-SU-2016:0539 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:0555 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
SuSE Security Announcement: SUSE-SU-2016:0677 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
SuSE Security Announcement: openSUSE-SU-2016:0531 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
SuSE Security Announcement: openSUSE-SU-2016:0578 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
http://www.ubuntu.com/usn/USN-2894-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-0766

Copyright Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.842636
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for postgresql-9.4 USN-2894-1
Resumen:	The remote host is missing an update for the 'postgresql-9.4'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'postgresql-9.4' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-0773) It was discovered that PostgreSQL incorrectly handled certain configuration settings (GUCS) for users of PL/Java. A remote attacker could possibly use this issue to escalate privileges. (CVE-2016-0766) Affected Software/OS: postgresql-9.4 on Ubuntu 15.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0773 BugTraq ID: 83184 http://www.securityfocus.com/bid/83184 Debian Security Information: DSA-3475 (Google Search) http://www.debian.org/security/2016/dsa-3475 Debian Security Information: DSA-3476 (Google Search) http://www.debian.org/security/2016/dsa-3476 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html https://security.gentoo.org/glsa/201701-33 RedHat Security Advisories: RHSA-2016:1060 http://rhn.redhat.com/errata/RHSA-2016-1060.html http://www.securitytracker.com/id/1035005 SuSE Security Announcement: SUSE-SU-2016:0539 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html SuSE Security Announcement: SUSE-SU-2016:0555 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html SuSE Security Announcement: SUSE-SU-2016:0677 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html SuSE Security Announcement: openSUSE-SU-2016:0531 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html SuSE Security Announcement: openSUSE-SU-2016:0578 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html http://www.ubuntu.com/usn/USN-2894-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0766
Copyright	Copyright (C) 2016 Greenbone Networks GmbH