CVE-2019-3466

Related Files

Ubuntu Security Notice USN-4194-2

Posted Dec 4, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-2 - USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM. Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2019-3466

SHA-256 | ac5e1cc73bc4af9f7be486a13b218331311753c1ebd481c5bf5f2f384f810a43

Download | Favorite | View

Debian Security Advisory 4568-1

Posted Nov 18, 2019

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4568-1 - Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.

tags | advisory, local

systems | linux, debian

advisories | CVE-2019-3466

SHA-256 | b5b2dcccd4ee0a6aa05a18c307bcd6c98076fddc1eebb2a9e5e79f772a3b36fc

Download | Favorite | View

Ubuntu Security Notice USN-4194-1

Posted Nov 15, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4194-1 - Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.

tags | advisory, local

systems | linux, ubuntu

advisories | CVE-2019-3466

SHA-256 | 49e9162083c95fde49d6cabf5e1324a20ce51e5f237f4ac4b89994beb11fc306

Download | Favorite | View