Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2016-1255

Published: 05/12/2017 Updated: 21/12/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Postgresql-common

Vulnerability Summary

The pg_ctlcluster script in postgresql-common package in Debian wheezy prior to 134wheezy5, in Debian jessie prior to 165+deb8u2, in Debian unstable prior to 178, in Ubuntu 12.04 LTS prior to 129ubuntu1.2, in Ubuntu 14.04 LTS prior to 154ubuntu1.1, in Ubuntu 16.04 LTS prior to 173ubuntu0.1, in Ubuntu 17.04 prior to 179ubuntu0.1, and in Ubuntu 17.10 prior to 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.

Vulnerable Product Search on Vulmon Subscribe to Product

debian postgresql-common 11

debian postgresql-common 12

debian postgresql-common 13

debian postgresql-common 14

debian postgresql-common 28

debian postgresql-common 29

debian postgresql-common 30

debian postgresql-common 31

debian postgresql-common 44

debian postgresql-common 7

debian postgresql-common 9

debian postgresql-common 16

debian postgresql-common 18

debian postgresql-common 23

debian postgresql-common 45

debian postgresql-common 46

debian postgresql-common 47

debian postgresql-common 61

debian postgresql-common 62

debian postgresql-common 63

debian postgresql-common 64

debian postgresql-common 78

debian postgresql-common 79

debian postgresql-common 80

debian postgresql-common 81

debian postgresql-common 94

debian postgresql-common 95

debian postgresql-common 96

debian postgresql-common 97

debian postgresql-common 98

debian postgresql-common 111

debian postgresql-common 112

debian postgresql-common 113

debian postgresql-common 114

debian postgresql-common 128

debian postgresql-common 129

debian postgresql-common 130

debian postgresql-common 131

debian postgresql-common 25

debian postgresql-common 27

debian postgresql-common 32

debian postgresql-common 34

debian postgresql-common 41

debian postgresql-common 43

debian postgresql-common 48

debian postgresql-common 50

debian postgresql-common 52

debian postgresql-common 57

debian postgresql-common 59

debian postgresql-common 66

debian postgresql-common 68

debian postgresql-common 75

debian postgresql-common 77

debian postgresql-common 82

debian postgresql-common 84

debian postgresql-common 91

debian postgresql-common 93

debian postgresql-common 100

debian postgresql-common 102

debian postgresql-common 107

debian postgresql-common 109

debian postgresql-common 116

debian postgresql-common 118

debian postgresql-common 125

debian postgresql-common 127

debian postgresql-common 132

debian postgresql-common 2

debian postgresql-common 3

debian postgresql-common 4

debian postgresql-common 5

debian postgresql-common 6

debian postgresql-common 19

debian postgresql-common 20

debian postgresql-common 21

debian postgresql-common 22

debian postgresql-common 36

debian postgresql-common 37

debian postgresql-common 38

debian postgresql-common 39

debian postgresql-common 53

debian postgresql-common 54

debian postgresql-common 55

debian postgresql-common 56

debian postgresql-common 69

debian postgresql-common 70

debian postgresql-common 71

debian postgresql-common 72

debian postgresql-common 73

debian postgresql-common 86

debian postgresql-common 87

debian postgresql-common 88

debian postgresql-common 89

debian postgresql-common 103

debian postgresql-common 104

debian postgresql-common 105

debian postgresql-common 106

debian postgresql-common 119

debian postgresql-common 120

debian postgresql-common 121

debian postgresql-common 122

debian postgresql-common 123

debian postgresql-common 1

debian postgresql-common 8

debian postgresql-common 10

debian postgresql-common 15

debian postgresql-common 17

debian postgresql-common 24

debian postgresql-common 26

debian postgresql-common 33

debian postgresql-common 35

debian postgresql-common 40

debian postgresql-common 42

debian postgresql-common 49

debian postgresql-common 51

debian postgresql-common 58

debian postgresql-common 60

debian postgresql-common 65

debian postgresql-common 67

debian postgresql-common 74

debian postgresql-common 76

debian postgresql-common 83

debian postgresql-common 85

debian postgresql-common 90

debian postgresql-common 92

debian postgresql-common 99

debian postgresql-common 101

debian postgresql-common 108

debian postgresql-common 110

debian postgresql-common 115

debian postgresql-common 117

debian postgresql-common 124

debian postgresql-common 126

debian postgresql-common 133

debian postgresql-common 141

debian postgresql-common 142

debian postgresql-common 143

debian postgresql-common 144

debian postgresql-common 158

debian postgresql-common 159

debian postgresql-common 160

debian postgresql-common 161

debian postgresql-common 138

debian postgresql-common 140

debian postgresql-common 145

debian postgresql-common 147

debian postgresql-common 149

debian postgresql-common 154

debian postgresql-common 156

debian postgresql-common 163

debian postgresql-common 134

debian postgresql-common 135

debian postgresql-common 136

debian postgresql-common 150

debian postgresql-common 151

debian postgresql-common 152

debian postgresql-common 153

debian postgresql-common 137

debian postgresql-common 139

debian postgresql-common 146

debian postgresql-common 148

debian postgresql-common 155

debian postgresql-common 157

debian postgresql-common 162

debian postgresql-common 164

debian postgresql-common 129ubuntu1

debian postgresql-common 122ubuntu1

debian postgresql-common 153bzr1

debian postgresql-common 154ubuntu1

debian postgresql-common 169git1

debian postgresql-common 171

debian postgresql-common 172ubuntu1

debian postgresql-common 173

debian postgresql-common 170

debian postgresql-common 172

debian postgresql-common 178

debian postgresql-common 179

debian postgresql-common 177git1

debian postgresql-common 176\\+git1

debian postgresql-common 177ubuntu1

debian postgresql-common 181

debian postgresql-common 181ubuntu1

debian postgresql-common 183

debian postgresql-common 184

debian postgresql-common 184ubuntu1

Vendor Advisories

Ubuntu Security Notice: postgresql-common vulnerabilities
postgresql-common could be made to overwrite files as the administrator ...
Ubuntu Security Notice: postgresql-common vulnerabilities
postgresql-common could be made to overwrite files as the administrator ...

References

CWE-59https://lists.debian.org/debian-lts-announce/2017/01/msg00002.htmlhttps://anonscm.debian.org/cgit/pkg-postgresql/postgresql-common.git/commit/?id=c8989206ec360f199400c74f129f7b4cb878c1eehttp://www.ubuntu.com/usn/USN-3476-2http://www.ubuntu.com/usn/USN-3476-1https://nvd.nist.govhttps://usn.ubuntu.com/3476-2/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook