製品・ソフトウェアに関する情報

JVN脆弱性詳細

PostgreSQL におけるスーパーユーザ権限を取得される脆弱性

Title	PostgreSQL におけるスーパーユーザ権限を取得される脆弱性
Summary	PostgreSQL には、スーパーユーザ権限を取得される脆弱性が存在します。
Possible impacts	CREATEDB または CREATEROLE ロールを持つリモート認証されたユーザにより、管理者の操作の際に誤って処理される (a) データベースまたは (b) ロール名内の以下の文字を介して、スーパーユーザ権限を取得される可能性があります。 (1) "" (二重引用符) (2) \ (バックスラッシュ) (3) キャリッジリターン (4) 改行文字
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 11, 2016, midnight
Registration Date	Dec. 16, 2016, 4:04 p.m.
Last Update	Dec. 16, 2016, 4:04 p.m.

CVSS3.0 : 重要
Score	7.1
Vector	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS2.0 : 警告
Score	4.6
Vector	AV:N/AC:H/Au:S/C:P/I:P/A:P

Affected System

PostgreSQL.org

PostgreSQL 9.1.23 未満

PostgreSQL 9.2.18 未満の 9.2.x

PostgreSQL 9.3.14 未満の 9.3.x

PostgreSQL 9.4.9 未満の 9.4.x

PostgreSQL 9.5.4 未満の 9.5.x

Debian

Debian GNU/Linux 8.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-5424	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5424
National Vulnerability Database (NVD)
2	CVE-2016-5424	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5424

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-94	https://jvndb.jvn.jp/ja/cwe/CWE-94.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-3646	https://www.debian.org/security/2016/dsa-3646
PostgreSQL NEWS
2	2016-08-11 Security Update Release	https://www.postgresql.org/about/news/1688/
PostgreSQL Release Notes
3	Release 9.1.23	https://www.postgresql.org/docs/current/static/release-9-1-23.html
4	Release 9.2.18	https://www.postgresql.org/docs/current/static/release-9-2-18.html
5	Release 9.3.14	https://www.postgresql.org/docs/current/static/release-9-3-14.html
6	Release 9.4.9	https://www.postgresql.org/docs/current/static/release-9-4-9.html
7	Release 9.5.4	https://www.postgresql.org/docs/current/static/release-9-5-4.html

Change Log

No	Changed Details	Date of change
0	[2016年12月16日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2016-5424

Summary	PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
Publication Date	Dec. 10, 2016, 8:59 a.m.
Registration Date	Jan. 26, 2021, 2:13 p.m.
Last Update	Nov. 21, 2024, 11:54 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:8.0:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:postgresql:postgresql:9.3.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.13:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.9:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.12:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.11:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.15:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.11:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.10:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.10:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.13:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.16:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.9:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.17:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.12:::::::*
cpe:2.3:a:postgresql:postgresql::::::::		9.1.22
cpe:2.3:a:postgresql:postgresql:9.2.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.14:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.2:::::::*

Related information, measures and tools

No	URL	タグ
1	http://rhn.redhat.com/errata/RHSA-2016-1781.html
2	http://rhn.redhat.com/errata/RHSA-2016-1781.html
3	http://rhn.redhat.com/errata/RHSA-2016-1820.html
4	http://rhn.redhat.com/errata/RHSA-2016-1820.html
5	http://rhn.redhat.com/errata/RHSA-2016-1821.html
6	http://rhn.redhat.com/errata/RHSA-2016-1821.html
7	http://rhn.redhat.com/errata/RHSA-2016-2606.html
8	http://rhn.redhat.com/errata/RHSA-2016-2606.html
9	http://www.debian.org/security/2016/dsa-3646	Third Party Advisory
10	http://www.debian.org/security/2016/dsa-3646	Third Party Advisory
11	http://www.securityfocus.com/bid/92435	Third Party Advisory VDB Entry
12	http://www.securityfocus.com/bid/92435	Third Party Advisory VDB Entry
13	http://www.securitytracker.com/id/1036617	Third Party Advisory VDB Entry
14	http://www.securitytracker.com/id/1036617	Third Party Advisory VDB Entry
15	https://access.redhat.com/errata/RHSA-2017:2425
16	https://access.redhat.com/errata/RHSA-2017:2425
17	https://security.gentoo.org/glsa/201701-33
18	https://security.gentoo.org/glsa/201701-33
19	https://www.postgresql.org/about/news/1688/	Patch Third Party Advisory VDB Entry
20	https://www.postgresql.org/about/news/1688/	Patch Third Party Advisory VDB Entry
21	https://www.postgresql.org/docs/current/static/release-9-1-23.html	Release Notes Vendor Advisory
22	https://www.postgresql.org/docs/current/static/release-9-1-23.html	Release Notes Vendor Advisory
23	https://www.postgresql.org/docs/current/static/release-9-2-18.html	Release Notes Vendor Advisory
24	https://www.postgresql.org/docs/current/static/release-9-2-18.html	Release Notes Vendor Advisory
25	https://www.postgresql.org/docs/current/static/release-9-3-14.html	Release Notes Vendor Advisory
26	https://www.postgresql.org/docs/current/static/release-9-3-14.html	Release Notes Vendor Advisory
27	https://www.postgresql.org/docs/current/static/release-9-4-9.html	Release Notes Vendor Advisory
28	https://www.postgresql.org/docs/current/static/release-9-4-9.html	Release Notes Vendor Advisory
29	https://www.postgresql.org/docs/current/static/release-9-5-4.html	Release Notes Vendor Advisory
30	https://www.postgresql.org/docs/current/static/release-9-5-4.html	Release Notes Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-94	コード・インジェクション	https://cwe.mitre.org/data/definitions/94.html

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:postgresql:postgresql:9.3.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.13:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.9:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.12:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.11:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.15:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.11:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.10:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.10:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.3:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.13:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.6:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.4.7:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.16:::::::*
cpe:2.3:a:postgresql:postgresql:9.5.2:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.1:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.8:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.9:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.17:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.4:::::::*
cpe:2.3:a:postgresql:postgresql:9.3.12:::::::*
cpe:2.3:a:postgresql:postgresql::::::::		9.1.22
cpe:2.3:a:postgresql:postgresql:9.2.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.5:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.14:::::::*
cpe:2.3:a:postgresql:postgresql:9.2.2:::::::*