SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  PostgreSQL Password Change Buffer Overflow 2

Category: DB-ATTACKS      

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10164


Relevant Information