what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2020-1720

Status Candidate

Overview

A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.

Related Files

Red Hat Security Advisory 2021-0167-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0167-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 8df82e4e6b8addca2c70bdad085e1caf364b8833d11e9c0f3c3e4708b7088adb
Red Hat Security Advisory 2021-0166-01
Posted Jan 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0166-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 52c19bde7840031c2019cb1de41803584e772d04bd2f5048954768a1d2e97a05
Red Hat Security Advisory 2021-0164-01
Posted Jan 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0164-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | eb8e1e6365635553d7141e57d96f70695631b1f37610081bbae039f06b0b9a33
Red Hat Security Advisory 2021-0163-01.tct
Posted Jan 18, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0163-01.tct - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 575df684c9edc18a6d05418493114b9a6583c3da5ebc93cf9854d5145aa0c61c
Red Hat Security Advisory 2020-5664-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5664-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 88e26286d5c7b5279e3f33ac70b31ae4e9035b2a9d2caf94e35f8a922f8de32a
Red Hat Security Advisory 2020-5661-01
Posted Dec 22, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5661-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 7910e4e45eba1b0185918baeb0404b9488fedca13ff6e2cb70ec5fc3ef2a97de
Red Hat Security Advisory 2020-5620-01
Posted Dec 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5620-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | f937ce328298951a6865cc37e46d7b9becd3aac39745a2ad01d58ea343d5d19e
Red Hat Security Advisory 2020-5619-01
Posted Dec 17, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5619-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720, CVE-2020-25694, CVE-2020-25695, CVE-2020-25696
SHA-256 | 407d4f3563df87f09a41769971ffefd0517847258ae8f27bbcbad2bea937ab63
Red Hat Security Advisory 2020-5112-01
Posted Nov 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5112-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
SHA-256 | bb11a4092664279ec8b7bada321d7439800225dcfd6117bedff41204c18861e6
Red Hat Security Advisory 2020-4295-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4295-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10208, CVE-2020-14350, CVE-2020-1720
SHA-256 | 941f7c5e5b5f41c94aa5d9cb3177c72753229956c9ef97758409a2ce95e87220
Red Hat Security Advisory 2020-3669-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3669-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-10130, CVE-2019-10164, CVE-2019-10208, CVE-2020-14349, CVE-2020-14350, CVE-2020-1720
SHA-256 | 37abfe12007f0123015ff6acb45976e8a68274f270431c5da4edcf0cd23793ca
Red Hat Security Advisory 2020-0980-01
Posted Mar 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0980-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-10164, CVE-2020-1720
SHA-256 | 3273a3aa9f488f9a6122b127bd2f71fa694f8305da572bdc3bf4752bfcb5a7c3
Gentoo Linux Security Advisory 202003-03
Posted Mar 13, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-3 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in the execution of arbitrary code. Versions less than 9.4.26:9.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-10129, CVE-2019-10130, CVE-2019-10164, CVE-2020-1720
SHA-256 | 29255819af7ca0a99142d5369ef9f3833545fa7bb59fd5f681cc32c2d066eefa
Ubuntu Security Notice USN-4282-1
Posted Feb 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4282-1 - It was discovered that PostgreSQL incorrectly performed authorization checks when handling the "ALTER ... DEPENDS ON EXTENSION" sub-commands. A remote attacker could possibly use this issue to drop any function, procedure, materialized view, index, or trigger under certain conditions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2020-1720
SHA-256 | b1f67c6f75b1c9cef8525f2d03601895acffa27cc699defa89fb67aff394cf53
Debian Security Advisory 4623-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4623-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
SHA-256 | 07b281b93bc3e551c542129111e82e593bafba8ae7fa8f3fa45f1cd3c949e937
Debian Security Advisory 4622-1
Posted Feb 14, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4622-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.

tags | advisory
systems | linux, debian
advisories | CVE-2020-1720
SHA-256 | d999adcd4a26533ad6b97e43e89785ffaeab03376921934028ff9754878be2cb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close