Oval Definition:oval:com.ubuntu.trusty:def:20140060000
Revision Date:2014-03-31Version:1
Title:CVE-2014-0060 on Ubuntu 14.04 LTS (trusty) - medium.
Description:PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-0060
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND Package Information
  • The 'postgresql-9.1' package in trusty was vulnerable but has been fixed (note: '9.1.12-1').
  • OR The 'postgresql-9.3' package in trusty was vulnerable but has been fixed (note: '9.3.3-1').
    • BACK