#VU9168 Data handling in PostgreSQL


Published: 2017-11-10

Vulnerability identifier: #VU9168

Vulnerability risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15098

CWE-ID: CWE-19

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
PostgreSQL
Server applications / Database software

Vendor: PostgreSQL Global Development Group

Description
The vulnerability allows a remote authenticated attacker to cause DoS condition or obtain potentially sensitive information on a targeted system.

The weakness exists due to improper data handling. A remote attacker can send specially crafted data to trigger a rowtype mismatch in json{b}_populate_recordset(), cause the application to crash or read arbitrary data.

Mitigation
Update to version 9.6.6.

Vulnerable software versions

PostgreSQL: 9.6.0 - 9.6.5, 9.5.0 - 9.5.8, 9.4.0 - 9.4.13

External links
http://www.postgresql.org/docs/current/static/release-9-6-6.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Red Hat update for PostgreSQL
Red Hat update for PostgreSQL
openSUSE update for postgresql95
Amazon Linux AMI update for postgresql95, postgresql96
Amazon Linux AMI update for postgresql92, postgresql93, postgresql94
Data handling in postgresql (Alpine package)
Ubuntu update for PostgreSQL
Arch Linux update for postgresql
Arch Linux update for postgresql-old-upgrade
Multiple vulnerabilities in PostgreSQL