Download
| Alert*
|
oval:org.secpod.oval:def:604608
postgresql-common is installed oval:org.secpod.oval:def:703884 postgresql-common is installed oval:org.secpod.oval:def:705284 postgresql-common: PostgreSQL database-cluster manager postgresql-common could be made to create arbitrary directories. oval:org.secpod.oval:def:69920 Rich Mirch discovered that the pg_ctlcluster script didn"t drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. oval:org.secpod.oval:def:51532 postgresql-common: PostgreSQL database-cluster manager postgresql-common could be made to overwrite files as the administrator. oval:org.secpod.oval:def:703883 postgresql-common: PostgreSQL database-cluster manager postgresql-common could be made to overwrite files as the administrator. oval:org.secpod.oval:def:53176 It was discovered that the pg_ctlcluster, pg_createcluster and pg_upgradecluster commands handled symbolic links insecurely which could result in local denial of service by overwriting arbitrary files. oval:org.secpod.oval:def:603164 It was discovered that the pg_ctlcluster, pg_createcluster and pg_upgradecluster commands handled symbolic links insecurely which could result in local denial of service by overwriting arbitrary files. |
