Description

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

Remediation

References

CVE-2017-14798

Related Vulnerabilities

WordPress Plugin WordPress Backup to Ziddu Cross-Site Scripting (1)

WordPress Plugin Delete All Comments Cross-Site Request Forgery (1.0)

MediaWiki Incorrect Default Permissions Vulnerability (CVE-2017-0369)

MySQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0709)

WordPress Plugin Otter-Gutenberg Blocks-Page Builder for Gutenberg Editor & FSE PHAR Deserialization (2.2.5)

Severity

High

Classification

CVE-2017-14798 CWE-362 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities