Family: Databases --> Category: infos
PostgreSQL Character Conversion and Tsearch2 Module Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for character conversion and tsearch2 module vulnerabilities in PostgreSQL
Detailed Explanation for this Vulnerability Test
The remote database server is affected by multiple vulnerabilities.
According to its banner, the version of PostgreSQL installed on the
remote host may suffer from the following vulnerabilities :
- Character Conversion Vulnerability
Unprivileged users can call functions supporting client-
server character set conversion from SQL commands even
though those functions do not validate their arguments.
- tsearch2 Vulnerability
If installed, the 'contrib/tsearch2' module permits users
to at a minimum crash the backend because it misdeclares
several functions as returning type 'internal' when in
fact they do not have any 'internal' argument.
Implement the changes described in the PostgreSQL advisory.
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.