Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款产品postgresql-common包安全漏洞
Vulnerability Description
Debian是Debian Project合作组织创建的以Linux或FreeBSD为内核的自由操作系统。wheezy、jessie和unstable都是Debian的分支版本。Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。postgresql-common package是一个使用在Linux中的PostgresSQL数据库集群管理器。 多款产品中的postgresql-common包的pg_ctlcluster脚本存在安全
CVSS Information
N/A
Vulnerability Type
N/A