Rapid7 Vulnerability & Exploit Database

ELSA-2013-1475 Moderate: Oracle Linux postgresql and postgresql84 security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2013-1475 Moderate: Oracle Linux postgresql and postgresql84 security update

Severity

CVSS

(AV:N/AC:M/Au:S/C:C/I:C/A:C)

Published

04/04/2013

Created

07/25/2018

Added

10/30/2013

Modified

04/11/2019

Description

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

Solution(s)

oracle-linux-upgrade-postgresql
oracle-linux-upgrade-postgresql-contrib
oracle-linux-upgrade-postgresql-devel
oracle-linux-upgrade-postgresql-docs
oracle-linux-upgrade-postgresql-libs
oracle-linux-upgrade-postgresql-plperl
oracle-linux-upgrade-postgresql-plpython
oracle-linux-upgrade-postgresql-pltcl
oracle-linux-upgrade-postgresql-server
oracle-linux-upgrade-postgresql-test
oracle-linux-upgrade-postgresql84
oracle-linux-upgrade-postgresql84-contrib
oracle-linux-upgrade-postgresql84-devel
oracle-linux-upgrade-postgresql84-docs
oracle-linux-upgrade-postgresql84-libs
oracle-linux-upgrade-postgresql84-plperl
oracle-linux-upgrade-postgresql84-plpython
oracle-linux-upgrade-postgresql84-pltcl
oracle-linux-upgrade-postgresql84-python
oracle-linux-upgrade-postgresql84-server
oracle-linux-upgrade-postgresql84-tcl
oracle-linux-upgrade-postgresql84-test

References

https://attackerkb.com/topics/cve-2013-0255
APPLE-SA-2013-09-12-1
APPLE-SA-2013-09-17-1
57844
CVE - 2013-0255
CVE - 2013-1900
DSA-2630
DSA-2657
DSA-2658
RHSA-2013:1475
http://oss.oracle.com/pipermail/el-errata/2013-October/003772.html
http://oss.oracle.com/pipermail/el-errata/2013-October/003775.html
81917

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

ELSA-2013-1475 Moderate: Oracle Linux postgresql and postgresql84 security update

ELSA-2013-1475 Moderate: Oracle Linux postgresql and postgresql84 security update

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.