SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Database)  >   PostgreSQL
Vendors:   postgresql.org
(Oracle Issues Fix for Oracle Linux) PostgreSQL Bugs Let Remote Users Bypass Authentication in Certain Cases and Let Remote Authenticated Users Obtain Passwords and Deny Service
SecurityTracker Alert ID:  1039361
SecurityTracker URL:  http://securitytracker.com/id/1039361
CVE Reference:   CVE-2017-7546, CVE-2017-7547
Date:  Sep 15 2017
Impact:   Denial of service via network, Disclosure of authentication information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   Several vulnerabilities were reported in PostgreSQL. A remote authenticated user can cause denial of service conditions. A remote authenticated user can obtain passwords on the target system. A remote user can gain access to the target system.

Because libpq and libpq-based connection drivers do not send empty password values to the server during an authentication attempt, setting a target user's password to an empty value effectively disables password authentication for the target user's account when using those specific connection drivers. However, other connection drivers that are not based on libpq may forward an empty password, allowing a remote user to supply an empty password to access the target user's account for accounts that have set an empty password value [CVE-2017-7546].
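The following is an added defender-side check, not part of the advisory: it lists login roles on a pre-fix server whose stored credential corresponds to an empty password, using PostgreSQL's documented MD5 storage format (`'md5' || md5(password || username)`), and shows the explicit way to disable password login instead of relying on an empty value. The role name `app_readonly` is a placeholder; reading `pg_authid` requires superuser privileges.

```sql
-- Added example (not from the advisory). Find login roles whose password
-- entry is either an empty cleartext string or the MD5 digest that
-- ALTER ROLE ... PASSWORD '' produces with password_encryption = on.
-- Roles with no password at all have rolpassword IS NULL and do not match.
SELECT rolname,
       CASE
         WHEN rolpassword = '' THEN 'empty cleartext password'
         ELSE 'md5 hash of empty password'
       END AS finding
FROM pg_authid
WHERE rolcanlogin
  AND (rolpassword = ''
       -- storage format is 'md5' || md5(password || username); here password = ''
       OR rolpassword = 'md5' || md5('' || rolname::text));

-- Remediation for each role found (app_readonly is a placeholder name):
-- remove the password outright rather than setting it to an empty string,
-- so every driver, libpq-based or not, is refused password authentication.
ALTER ROLE app_readonly PASSWORD NULL;
-- or, if the role should not log in at all:
ALTER ROLE app_readonly NOLOGIN;
```

After applying the 9.2.23 update the server itself rejects empty passwords in all password-based authentication methods, but roles that still carry such an entry are worth cleaning up for clarity.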

A remote authenticated user can exploit a flaw in the foreign data wrapper functionality to view passwords in the pg_user_mappings catalog view [CVE-2017-7547].

A remote authenticated user can exploit an access control flaw in the lo_put() function to change the data in a large object and cause denial of service conditions [CVE-2017-7548].

Chapman Flack, Jeff Janes, Ben de Graaff, Jelte Fennema, and Jeroen van der Ham reported these vulnerabilities.

Impact:   A remote authenticated user can cause denial of service conditions.

A remote authenticated user can obtain passwords on the target system.

A remote user can gain access to the target database in certain cases.

Solution:   Oracle has issued a fix for CVE-2017-7546 and CVE-2017-7547.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2017-2728.html

Vendor URL:  linux.oracle.com/errata/ELSA-2017-2728.html
Cause:   Access control error, Authentication error
Underlying OS:  Linux (Oracle)
Underlying OS Comments:  7

Message History:   This archive entry is a follow-up to the message listed below.
Aug 11 2017 PostgreSQL Bugs Let Remote Users Bypass Authentication in Certain Cases and Let Remote Authenticated Users Obtain Passwords and Deny Service



Source Message Contents

Subject:  [El-errata] ELSA-2017-2728 Moderate: Oracle Linux 7 postgresql security update

Oracle Linux Security Advisory ELSA-2017-2728

http://linux.oracle.com/errata/ELSA-2017-2728.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
postgresql-9.2.23-1.el7_4.i686.rpm
postgresql-9.2.23-1.el7_4.x86_64.rpm
postgresql-contrib-9.2.23-1.el7_4.x86_64.rpm
postgresql-devel-9.2.23-1.el7_4.i686.rpm
postgresql-devel-9.2.23-1.el7_4.x86_64.rpm
postgresql-docs-9.2.23-1.el7_4.x86_64.rpm
postgresql-libs-9.2.23-1.el7_4.i686.rpm
postgresql-libs-9.2.23-1.el7_4.x86_64.rpm
postgresql-plperl-9.2.23-1.el7_4.x86_64.rpm
postgresql-plpython-9.2.23-1.el7_4.x86_64.rpm
postgresql-pltcl-9.2.23-1.el7_4.x86_64.rpm
postgresql-server-9.2.23-1.el7_4.x86_64.rpm
postgresql-static-9.2.23-1.el7_4.i686.rpm
postgresql-static-9.2.23-1.el7_4.x86_64.rpm
postgresql-test-9.2.23-1.el7_4.x86_64.rpm
postgresql-upgrade-9.2.23-1.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/postgresql-9.2.23-1.el7_4.src.rpm



Description of changes:

[9.2.23-1]
- update to 9.2.23 per release notes
   http://www.postgresql.org/docs/9.2/static/release-9-2-23.html

[9.2.22-1]
- update to 9.2.22 per release notes
   http://www.postgresql.org/docs/9.2/static/release-9-2-22.html


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata