Oval Definition:	oval:com.ubuntu.precise:def:20140060000
Revision Date: 2014-03-31 Version: 1 Title: CVE-2014-0060 on Ubuntu 12.04 LTS (precise) - medium. Description: PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-0060 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'postgresql-8.4' package in precise was vulnerable but has been fixed (note: '8.4.22-0ubuntu0.12.04'). OR The 'postgresql-9.1' package in precise was vulnerable but has been fixed (note: '9.1.12-0ubuntu0.12.04').
BACK