Summary
This host is installed with PostgreSQL and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitary SQL query, gain access or manipulate arbitrary files, and cause denial of service.
Impact Level: Application
Solution
Upgrade to PostgreSQL 9.0.13, 9.1.9, 9.2.4 or later, For updates refer to http://www.postgresql.org/download
Insight
Improper validation of connection request that contains database name begins with the '-' symbol
Affected
PostgreSQL version 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13
References
Severity
Classification
-
CVE CVE-2013-1899 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities