Strike ID:
E19-7mvo1
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
2
Year:
2019

Description

This strike replicates a stack-based buffer overflow attack on a PostgreSQL database server. The flaw is a consequence of no string size checking when base64-decoding a stored hashed password. Successful exploitation by a remote authenticated attacker may result in arbitrary code execution or crashing the server.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}