SB2017051123 - Fedora 26 update for postgresql

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017051123

SB2017051123 - Fedora 26 update for postgresql

Published: May 11, 2017 Updated: April 24, 2025

Security Bulletin ID SB2017051123
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2017-7484)

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper privilege checking before providing information from pg_statistic. A remote attacker can send a specially crafted request to bypass SELECT privilege checks, cause memory leak and steal some information from ostensibly restricted tables.

Successful exploitation of the vulnerability results in information disclosure.

2) Man-in-the-middle attack (CVE-ID: CVE-2017-7485)

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to conduct a man-in-the-middle attack.

The weakness exists in the PGREQUIRESSL environment due to no enforcement of a SSL/TLS connection to a PostgreSQL server. A remote attacker can launch a man-in-the-middle attack to strip the SSL/TLS protection from a connection between a client and a server and modify the communicated data.

Successful exploitation of the vulnerability results in unauthorized access to sensitive information.

3) Information disclosure (CVE-ID: CVE-2017-7486)

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper implementation of pg_user_mappings access qualifications. A remote attacker with USAGE privilege on the associated foreign server can send a specially crafted request to trigger memory leak in pg_user_mappings view and disclose foreign server passwords.

Successful exploitation of the vulnerability results in information disclosure.

Remediation

Install update from vendor's website.

References