 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.56343 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Legacy Security Advisory FLSA-2006:157366 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory FLSA-2006:157366. The PostgreSQL community discovered two distinct errors in initial system catalog entries that could allow authorized database users to crash the database and possibly escalate their privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1409 and CVE-2005-1410 to these issues. Although installing this update will protect new (freshly initdb'd) database installations from these errors, administrators MUST TAKE MANUAL ACTION to repair the errors in pre-existing databases. The appropriate procedures are explained at http://www.postgresql.org/docs/8.0/static/release-7-4-8.html for Fedora Core 2 users, or http://www.postgresql.org/docs/8.0/static/release-7-3-10.html for Fedora Core 1 and Red Hat Linux 9 users. This update also includes fixes for several other errors, including two race conditions that could result in apparent data inconsistency or actual data loss. All users of PostgreSQL are advised to upgrade to these updated packages and to apply the recommended manual corrections to existing databases. Affected platforms: Redhat 9 Fedora Core 1 Fedora Core 2 Solution: https://secure1.securityspace.com/smysecure/catid.html?in=FLSA-2006:157366 Risk factor : High CVSS Score: 7.5 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-1409 13476 http://www.securityfocus.com/bid/13476 ADV-2005-0453 http://www.vupen.com/english/advisories/2005/0453 FLSA-2006:157366 http://www.securityfocus.com/archive/1/426302/30/6680/threaded RHSA-2005:433 http://www.redhat.com/support/errata/RHSA-2005-433.html SUSE-SA:2005:036 http://www.novell.com/linux/security/advisories/2005_36_sudo.html [pgsql-announce] 20050502 IMPORTANT: two new PostgreSQL security problems found http://archives.postgresql.org/pgsql-announce/2005-05/msg00001.php http://www.postgresql.org/about/news.315 oval:org.mitre.oval:def:10050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10050 oval:org.mitre.oval:def:676 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A676 Common Vulnerability Exposure (CVE) ID: CVE-2005-1410 13475 http://www.securityfocus.com/bid/13475 oval:org.mitre.oval:def:1086 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1086 oval:org.mitre.oval:def:9343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9343 |
| Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |