CVE-2018-1053 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-1053 PUBLISHED

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file.

EPSS 0.07% · 21.9th percentile

Risk Scores

EPSS Score

0.07%

21.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	postgresql-9.5	0, 9.5.0-1, 9.5.0-2
Ubuntu:14.04:LTS	postgresql-9.3	9.3.10-0ubuntu0.14.04, 9.3.11-0ubuntu0.14.04, 9.3.12-0ubuntu0.14.04

Timeline

Feb 7, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Jan 2, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2018-1053 third-party-advisory
https://ubuntu.com/security/notices/USN-3564-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2018-1053 third-party-advisory

Open in Interactive Console →