Back to search
CVE-2015-5288
Published: Oct 26, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
77049
vdb-entry
x_refsource_BID
http://www.postgresql.org/docs/9.3/static/release-9-3-10.html
x_refsource_CONFIRM
SUSE-SU-2016:0677
vendor-advisory
x_refsource_SUSE
http://www.postgresql.org/docs/9.4/static/release-9-4-5.html
x_refsource_CONFIRM
http://www.postgresql.org/docs/9.0/static/release-9-0-23.html
x_refsource_CONFIRM
USN-2772-1
vendor-advisory
x_refsource_UBUNTU
GLSA-201701-33
vendor-advisory
x_refsource_GENTOO
http://www.postgresql.org/docs/9.2/static/release-9-2-14.html
x_refsource_CONFIRM
FEDORA-2015-6d2a957a87
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2015:1919
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2015:1907
vendor-advisory
x_refsource_SUSE
http://www.postgresql.org/docs/9.1/static/release-9-1-19.html
x_refsource_CONFIRM
FEDORA-2015-7fac92f49c
vendor-advisory
x_refsource_FEDORA
http://www.postgresql.org/about/news/1615/
x_refsource_CONFIRM
DSA-3475
vendor-advisory
x_refsource_DEBIAN
DSA-3374
vendor-advisory
x_refsource_DEBIAN
1033775
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now