Wind River Support Network

HomeDefectsLIN5-15218
Fixed

LIN5-15218 : Security Advisory - postgresql - CVE-2013-1901

Created: Apr 18, 2013    Updated: Dec 19, 2017
Resolved Date: Jul 28, 2013
Previous ID: LIN3-10899
Found In Version: 5.0
Fix Version: 5.0.1.6
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1901

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online