CVE-2014-0067

Currently unrated

Key Information:

Vendor: Apple
Status: Mac Os X; Mac Os X Server
Vendor: CVE Published:; 31 March 2014

Summary

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.

References

http://wiki.postgresql.org/wiki/20140220securityrelease

x_refsource_CONFIRM

http://www.debian.org/security/2014/dsa-2864

vendor-advisoryx_refsource_DEBIAN

http://www.postgresql.org/about/news/1506/

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 31, 2014
Vulnerability Reserved
Dec 3, 2013