PostgreSQL Information Leakage Vulnerability (CVE-2014-8161)
Release date:
Updated on:
Affected Systems:
PostgreSQL 9.4
PostgreSQL 9.1
PostgreSQL 8.4
Description:
Bugtraq id: 72538
CVE (CAN) ID: CVE-2014-8161
PostgreSQL is an advanced object-relational database management system that supports extended SQL standard subsets.
PostgreSQL 8.4, 9.1, and 9.4 have the information leakage vulnerability. authenticated remote attackers can exploit this vulnerability to obtain sensitive information by triggering constraints and violating errors.
<* Source: Stephen Frost
Link: http://xforce.iss.net/xforce/xfdb/100781
*>
Suggestion:
Vendor patch:
PostgreSQL
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.postgresql.org/about/news/1569/
------------------------------------ Lili split line ------------------------------------
Install PostgreSQL 6.3 on yum in CentOS 9.3
PostgreSQL cache details
Compiling PostgreSQL on Windows
Configuration and installation of LAPP (Linux + Apache + PostgreSQL + PHP) Environment in Ubuntu
Install and configure phppgAdmin on Ubuntu
Install PostgreSQL9.3 on CentOS
Configure a Streaming Replication cluster in PostgreSQL
How to install PostgreSQL 7/6 and phpPgAdmin in CentOS 5/6. 4
------------------------------------ Lili split line ------------------------------------
PostgreSQL details: click here
PostgreSQL: click here
This article permanently updates the link address: