CVE-2013-1901
CVE-2013-1901
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlhttp://lists.apple.com/archives/security-announce/2013/Sep/msg00004.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101519.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/102806.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00012.htmlhttp://support.apple.com/kb/HT5880http://support.apple.com/kb/HT5892http://www.debian.org/security/2013/dsa-2658http://www.mandriva.com/security/advisories?name=MDVSA-2013:142