#VU6892 Information disclosure in PostgreSQL


Published: 2017-06-02 | Updated: 2017-06-05

Vulnerability identifier: #VU6892

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7484

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PostgreSQL
Server applications / Database software

Vendor: PostgreSQL Global Development Group

Description
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper privilege checking before providing information from pg_statistic. A remote attacker can send a specially crafted request to bypass SELECT privilege checks, cause memory leak and steal some information from ostensibly restricted tables.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation
Update to versions 9.2.21, 9.3.17, 9.4.12, 9.5.7, 9.6.3.

Vulnerable software versions

PostgreSQL: 9.2.1 - 9.2.20, 9.3.1 - 9.3.16, 9.4.0 - 9.4.11, 9.5.1 - 9.5.6, 9.6.0 - 9.6.2

External links
http://www.postgresql.org/about/news/1746/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Gentoo update for PostgreSQL
Red Hat update for rh-postgresql95-postgresql
Red Hat update for PostgreSQL
Amazon Linux AMI update for postgresql92
Amazon Linux AMI update for postgresql93, postgresql94, postgresql95
Information disclosure in postgresql (Alpine package)
Arch Linux update for postgresql
Arch Linux update for postgresql-libs
Debian update for postgresql-9.4