New Search

Vulnerability in PostgreSQL 10.x before 10.1 9.6.x before 9.6.6 9.5.x before 9.5.10 9.4.x before 9.4.15 9.3.x before 9.3.20 and 9.2.x before 9.2.24 (CVE-2017-12172)

oval:org.cisecurity:def:8223

PostgreSQL 10.x before 10.1 9.6.x before 9.6.6 9.5.x before 9.5.10 9.4.x before 9.4.15 9.3.x before 9.3.20 and 9.2.x before 9.2.24 runs under a non-root operating system account and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root they open() chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 8
  • Microsoft Windows 10
  • Microsoft Windows Vista
  • Microsoft Windows 7
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2016
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows XP
  • Microsoft Windows Server 2012
Class:
vulnerability
Reference(s):
  • CVE-2017-12172
Product(s):
  • PostgreSQL