Home

CVE-2014-0067

Description

The make check command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.096

Associated Vulnerability

VulnerabilityOS Platform
Update Tomcat to 9.3.6Windows
Update PostgressSQL to 9.0.19Windows
Update PostgressSQL to 9.3.6Windows
Multiple vulnerabilities are fixed in PostgreSQL 9.4.1Windows
Multiple vulnerabilities are fixed in PostgreSQL 9.3.6Windows
Multiple vulnerabilities are fixed in PostgreSQL 9.2.10Windows
Multiple vulnerabilities are fixed in PostgreSQL 9.1.15Windows
Multiple vulnerabilities are fixed in PostgreSQL 9.0.19Windows
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 UpdateMac
Multiple vulnerabilities are fixed in OS X Yosemite 10.10.5 Combo UpdateMac
Update Tomcat to 9.3.6 (For Linux)Linux
Update PostgressSQL to 9.0.19 (For Linux)Linux
Update PostgressSQL to 9.3.6 (For Linux)Linux
Multiple vulnerabilities are fixed in PostgreSQL 9.4.1 (For Linux)Linux
Multiple vulnerabilities are fixed in PostgreSQL 9.3.6 (For Linux)Linux
Multiple vulnerabilities are fixed in PostgreSQL 9.2.10 (For Linux)Linux
Multiple vulnerabilities are fixed in PostgreSQL 9.1.15 (For Linux)Linux
Multiple vulnerabilities are fixed in PostgreSQL 9.0.19 (For Linux)Linux
CVE-2014-0067NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-600354OS X Yosemite 10.10.5 Update
PATCH-600458OS X Yosemite 10.10.5 Combo Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234