Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2016-10165, CVE-2010-0733 |
CWE-ID | CWE-200, CWE-20 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #2 is available. |
Vulnerable software | lcms2 (Alpine package) (Operating systems & Components / Operating system package or component); PostgreSQL (Server applications / Database software) |
Vendor | Alpine Linux Development Team; PostgreSQL Global Development Group |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU8861
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10165
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to a flaw in the 2D (Little CMS 2) component. A remote attacker can read arbitrary files on the target system.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
lcms2 (Alpine package): 2.7-r0 - 2.8-r0
CPE2.3
https://git.alpinelinux.org/aports/commit/?id=915850b0d532b041eb0b09854f5c78165dca8a07
https://git.alpinelinux.org/aports/commit/?id=348c14c7421c7d8fcdc82fd7014fb75eed11f56f
https://git.alpinelinux.org/aports/commit/?id=8953503d0b2ba78af71d42ecbc264b2fcd48963f
https://git.alpinelinux.org/aports/commit/?id=514646bd5fbeb993692f17edac8c7e62dd6366a7
https://git.alpinelinux.org/aports/commit/?id=b6d951d81ae9eb2ce283f666d6096b2cd4f79b31
https://git.alpinelinux.org/aports/commit/?id=9cf28c9c1826985529dadb8af7121eba8da757ad
https://git.alpinelinux.org/aports/commit/?id=1d63920ee914de55e36d9a299ef937e7e6109b6b
https://git.alpinelinux.org/aports/commit/?id=f86d34d33688a4b5b218dfa32279228969280460
https://git.alpinelinux.org/aports/commit/?id=c9d1081114d13e615a2bafddd82df7793666aad6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU111771
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2010-0733
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
Description
The vulnerability allows a remote user to perform service disruption.
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
PostgreSQL: 8.4 - 8.4.1
CPE2.3
https://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php
https://www.openwall.com/lists/oss-security/2010/03/09/2
https://bugzilla.redhat.com/show_bug.cgi?id=546621
https://www.openwall.com/lists/oss-security/2010/03/16/10
https://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php
https://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php
https://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php
https://www.redhat.com/support/errata/RHSA-2010-0428.html
https://www.redhat.com/support/errata/RHSA-2010-0427.html
https://www.redhat.com/support/errata/RHSA-2010-0429.html
https://www.securityfocus.com/bid/38619
https://secunia.com/advisories/39820
https://www.vupen.com/english/advisories/2010/1197
https://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10691
https://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=64b057e6823655fb6c5d1f24a28f236b94dd6c54
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.