SSL Certificate Verification Vulnerability in PostgreSQL by PostgreSQL Global Development Group
CVE-2012-0867

Currently unrated

Key Information:

Vendor

Opensuse Project

Status
Opensuse
Vendor
CVE Published:
18 July 2012

What is CVE-2012-0867?

The vulnerability arises from a flaw in the SSL certificate verification process within specific versions of PostgreSQL, where the common name is truncated to 32 characters. This flaw could allow remote attackers to spoof SSL connections to the database server if the hostname matches the limited length, posing a risk to the integrity of secure communications on affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.postgresql.org/about/news/1377/
x_refsource_CONFIRM
http://secunia.com/advisories/49273
third-party-advisoryx_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2012-0678.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.