PostgreSQL 'make Check' Local Privilege Escalation Vulnerability July14 (Windows) Network Vulnerability

Summary

This host is installed with PostgreSQL and is prone to local privilege escalation vulnerability.

Impact

Successful exploitation may allow local attacker to gain temporary server access and elevated privileges. Impact Level: System/Application

Solution

No Solution or patch is available as of 7th July, 2014. Information regarding this issue will updated once the solution details are available. For updates refer to http://www.postgresql.org/download

Insight

Flaw is due to an error when creating a PostgreSQL database cluster during 'make check'.

Affected

PostgreSQL version 9.3.3 and earlier

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/57054
http://wiki.postgresql.org/wiki/20140220securityrelease
http://www.osvdb.com/103550
http://xforce.iss.net/xforce/xfdb/91459

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0067

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Oracle MySQL Multiple Unspecified vulnerabilities-01 July14 (Windows)
Oracle Database Server Multiple Unspecified Vulnerabilities-02 Jan2014
IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Win)
MariaDB Denial Of Service Vulnerability (Windows)
MySQL UNINSTALL PLUGIN Security Bypass Vulnerability

PostgreSQL 'make check' Local Privilege Escalation Vulnerability July14 (Windows)

Take action and discover your vulnerabilities