Summary
This host is installed with PostgreSQL and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow remote attackers to bypass security access to restricted backup files.
Impact Level: Application
Solution
Upgrade to PostgreSQL 9.1.8 or 9.2.3 or later,
For updates refer to http://www.postgresql.org/download
Insight
Improper handling of a call for the pg_start_backup() or pg_stop_backup() functions.
Affected
PostgreSQL version 9.2.x before 9.2.4 and 9.1.x before 9.1.9
References
Severity
Classification
-
CVE CVE-2013-1901 -
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:P/A:N
Related Vulnerabilities
- Avant Browser Address Bar Spoofing Vulnerability
- Apple Safari Address Bar Spoofing Vulnerability june-10 (Win)
- Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
- APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)