4.3

CVE-2015-3165

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version14.10
CanonicalUbuntu Linux Version15.04
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
ApplemacOS X Server Version5.0.2
PostgresqlPostgresql Version <= 9.0.19
PostgresqlPostgresql Version9.1
PostgresqlPostgresql Version9.1.1
PostgresqlPostgresql Version9.1.2
PostgresqlPostgresql Version9.1.3
PostgresqlPostgresql Version9.1.4
PostgresqlPostgresql Version9.1.5
PostgresqlPostgresql Version9.1.6
PostgresqlPostgresql Version9.1.7
PostgresqlPostgresql Version9.1.8
PostgresqlPostgresql Version9.1.9
PostgresqlPostgresql Version9.1.10
PostgresqlPostgresql Version9.1.11
PostgresqlPostgresql Version9.1.12
PostgresqlPostgresql Version9.1.13
PostgresqlPostgresql Version9.1.14
PostgresqlPostgresql Version9.1.15
PostgresqlPostgresql Version9.2
PostgresqlPostgresql Version9.2.1
PostgresqlPostgresql Version9.2.2
PostgresqlPostgresql Version9.2.3
PostgresqlPostgresql Version9.2.4
PostgresqlPostgresql Version9.2.5
PostgresqlPostgresql Version9.2.6
PostgresqlPostgresql Version9.2.7
PostgresqlPostgresql Version9.2.8
PostgresqlPostgresql Version9.2.9
PostgresqlPostgresql Version9.2.10
PostgresqlPostgresql Version9.3
PostgresqlPostgresql Version9.3.1
PostgresqlPostgresql Version9.3.2
PostgresqlPostgresql Version9.3.3
PostgresqlPostgresql Version9.3.4
PostgresqlPostgresql Version9.3.5
PostgresqlPostgresql Version9.3.6
PostgresqlPostgresql Version9.4.0
PostgresqlPostgresql Version9.4.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.57% 0.944
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
Third Party Advisory
Mailing List
https://support.apple.com/HT205219
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1194.html
http://rhn.redhat.com/errata/RHSA-2015-1195.html
http://rhn.redhat.com/errata/RHSA-2015-1196.html
http://www.debian.org/security/2015/dsa-3269
Third Party Advisory
http://www.debian.org/security/2015/dsa-3270
Third Party Advisory
http://www.postgresql.org/about/news/1587/
Vendor Advisory
http://www.postgresql.org/docs/9.0/static/release-9-0-20.html
Release Notes
http://www.postgresql.org/docs/9.1/static/release-9-1-16.html
Release Notes
http://www.postgresql.org/docs/9.2/static/release-9-2-11.html
Release Notes
http://www.postgresql.org/docs/9.3/static/release-9-3-7.html
Release Notes
http://www.postgresql.org/docs/9.4/static/release-9-4-2.html
Release Notes
http://www.securityfocus.com/bid/74787
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2621-1
Vendor Advisory
https://security.gentoo.org/glsa/201507-20