Multiple vulnerabilities in PostgreSQL



Published: 2018-08-13
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2018-10915
CVE-2018-10925
CWE-ID CWE-89
CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		PostgreSQL
Server applications / Database software

Vendor PostgreSQL Global Development Group

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) SQL injection

EUVDB-ID: #VU14326

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-10915

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary SQL commands in web application database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable script and execute arbitrary SQL commands in web application database.

Successful exploitation of the vulnerability may allow an attacker to gain administrative access to vulnerable web application.

Mitigation

The vulnerability has been fixed in the versions 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24.

Vulnerable software versions

PostgreSQL: 10.0 - 10.4, 9.3.0 - 9.3.21, 9.4.0 - 9.4.16, 9.5.0 - 9.5.11, 9.6.0 - 9.6.9

CPE2.3 External links

http://www.postgresql.org/about/news/1878/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Information disclosure

EUVDB-ID: #VU14327

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-10925

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote privileged attacker to obtain potentially sensitive information.

The vulnerability exists due to improper check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". A remote attacker with "CREATE TABLE" privileges can read arbitrary bytes server memory.

Mitigation

The vulnerability has been fixed in the versions 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24.

Vulnerable software versions

PostgreSQL: 10.0 - 10.4, 9.3.0 - 9.3.21, 9.4.0 - 9.4.16, 9.5.0 - 9.5.11, 9.6.0 - 9.6.9

CPE2.3 External links

http://www.postgresql.org/about/news/1878/

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###