| Revision Date: | 2018-05-10 | Version: | 1 | | Title: | CVE-2018-1115 on Ubuntu 16.04 LTS (xenial) - low. | | Description: | postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2018-1115
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT libecpg-compat3 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libecpg6 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libpgtypes3 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libpq5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-client-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-contrib-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-plperl-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-plpython-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-plpython3-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT postgresql-pltcl-9.5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
|
|