CVE-2013-0255
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2013-0255 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
This issue did not affect the version of postgresql, as shipped with Red Hat Enterprise Linux 5. This issue affects the version of postgresql84, as shipped with Red Hat Enterprise Linux 5 and the version of postgresql, as shipped with Red Hat Enterprise Linux 6. Red Hat Security Response Team has rated this issue as having moderate security impact. A future update might address this flaw. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
CVSS v2 metrics
| Base Score | 5.5 |
|---|---|
| Base Metrics | AV:N/AC:L/Au:S/C:P/I:N/A:P |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | Single |
| Confidentiality Impact | Partial |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 6 (postgresql) | RHSA-2013:1475 | 2013-10-29 |
| Red Hat Enterprise Linux 5 (postgresql84) | RHSA-2013:1475 | 2013-10-29 |
Affected Packages State
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 5 | postgresql | Not affected |
Acknowledgements
Red Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Sumit Soni via Secunia SVCRP as the original issue reporter.CVE description copyright © 2017, The MITRE Corporation