CVE-2017-8806 - OpenCVE

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Postgresql	Postgresql

Configuration 1 [-]

AND

cpe:2.3:a:postgresql:postgresql:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

References

Link	Resource
http://metadata.ftp-master.debian.org/changelogs/main/p/postgresql-common/postgresql-common_181+deb9u1_changelog	Broken Link Issue Tracking Third Party Advisory
http://www.securityfocus.com/bid/101810	Broken Link Third Party Advisory VDB Entry
https://usn.ubuntu.com/usn/usn-3476-1/	Issue Tracking Third Party Advisory
https://www.debian.org/security/2017/dsa-4029	Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: debian

Published: 2017-11-13T09:00:00

Updated: 2017-11-16T10:57:01

Reserved: 2017-05-07T00:00:00

Link: CVE-2017-8806

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-11-13T09:29:00.403

Modified: 2024-04-01T15:50:53.473

Link: CVE-2017-8806

JSON object: View

Redhat Information

No data.

CWE

CWE-59

{"containers": {"cna": {"affected": [{"product": "PostgreSQL-related scripts that are specific to Debian and Ubuntu", "vendor": "n/a", "versions": [{"status": "affected", "version": "PostgreSQL-related scripts that are specific to Debian and Ubuntu"}]}], "datePublic": "2017-11-13T00:00:00", "descriptions": [{"lang": "en", "value": "The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files."}], "problemTypes": [{"descriptions": [{"description": "handled symbolic links insecurely", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-16T10:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://metadata.ftp-master.debian.org/changelogs/main/p/postgresql-common/postgresql-common_181+deb9u1_changelog"}, {"name": "101810", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101810"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://usn.ubuntu.com/usn/usn-3476-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.debian.org/security/2017/dsa-4029"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2017-8806", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PostgreSQL-related scripts that are specific to Debian and Ubuntu", "version": {"version_data": [{"version_value": "PostgreSQL-related scripts that are specific to Debian and Ubuntu"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "handled symbolic links insecurely"}]}]}, "references": {"reference_data": [{"name": "http://metadata.ftp-master.debian.org/changelogs/main/p/postgresql-common/postgresql-common_181+deb9u1_changelog", "refsource": "CONFIRM", "url": "http://metadata.ftp-master.debian.org/changelogs/main/p/postgresql-common/postgresql-common_181+deb9u1_changelog"}, {"name": "101810", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101810"}, {"name": "https://usn.ubuntu.com/usn/usn-3476-1/", "refsource": "CONFIRM", "url": "https://usn.ubuntu.com/usn/usn-3476-1/"}, {"name": "https://www.debian.org/security/2017/dsa-4029", "refsource": "CONFIRM", "url": "https://www.debian.org/security/2017/dsa-4029"}]}}}}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2017-8806", "datePublished": "2017-11-13T09:00:00", "dateReserved": "2017-05-07T00:00:00", "dateUpdated": "2017-11-16T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:-:*:*:*:*:*:*:*", "matchCriteriaId": "ECC070DF-4131-43BA-B975-907023E0D39F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files."}, {"lang": "es", "value": "Los scripts de Debian pg_ctlcluster, pg_createcluster y pg_upgradecluster, tal y como se distribuyen en el paquete de Debian postgresql-common anterior a 181+deb9u1 para PostgreSQL (y otros paquetes relacionados con Debian y Ubuntu), manipularon v\u00ednculos simb\u00f3licos de forma no segura, lo que podr\u00eda desembocar en una denegaci\u00f3n de servicio local sobrescribiendo archivos arbitrarios."}], "id": "CVE-2017-8806", "lastModified": "2024-04-01T15:50:53.473", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-13T09:29:00.403", "references": [{"source": "security@debian.org", "tags": ["Broken Link", "Issue Tracking", "Third Party Advisory"], "url": "http://metadata.ftp-master.debian.org/changelogs/main/p/postgresql-common/postgresql-common_181+deb9u1_changelog"}, {"source": "security@debian.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101810"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://usn.ubuntu.com/usn/usn-3476-1/"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://www.debian.org/security/2017/dsa-4029"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}