CVE-2017-8806

CVE-2017-8806

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 for PostgreSQL (and other packages related to Debian and Ubuntu), handled symbolic links insecurely, which could result in local denial of service by overwriting arbitrary files.

Source: CVE-2017-8806

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다