CVE-2015-3165

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1194.html
http://rhn.redhat.com/errata/RHSA-2015-1195.html
http://rhn.redhat.com/errata/RHSA-2015-1196.html
http://www.debian.org/security/2015/dsa-3269	Third Party Advisory
http://www.debian.org/security/2015/dsa-3270	Third Party Advisory
http://www.postgresql.org/about/news/1587/	Vendor Advisory
http://www.postgresql.org/docs/9.0/static/release-9-0-20.html	Release Notes
http://www.postgresql.org/docs/9.1/static/release-9-1-16.html	Release Notes
http://www.postgresql.org/docs/9.2/static/release-9-2-11.html	Release Notes
http://www.postgresql.org/docs/9.3/static/release-9-3-7.html	Release Notes
http://www.postgresql.org/docs/9.4/static/release-9-4-2.html	Release Notes
http://www.securityfocus.com/bid/74787	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2621-1	Vendor Advisory
https://security.gentoo.org/glsa/201507-20
https://support.apple.com/HT205219	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*

Configuration 2 (hide)

cpe:2.3:o:apple:mac_os_x_server:5.0.2:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql:9.1:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.1:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.2:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.3:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.4:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.5:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.6:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.7:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.8:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.9:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.10:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.11:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.12:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.13:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.14:::::::*
	cpe:2.3:a:postgresql:postgresql:9.1.15:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.1:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.2:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.3:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.4:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.5:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.6:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.7:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.8:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.9:::::::*
	cpe:2.3:a:postgresql:postgresql:9.2.10:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.1:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.2:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.3:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.4:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.5:::::::*
	cpe:2.3:a:postgresql:postgresql:9.3.6:::::::*
	cpe:2.3:a:postgresql:postgresql:9.4.0:::::::*
	cpe:2.3:a:postgresql:postgresql:9.4.1:::::::*

History

No history.

Information

Published : 2015-05-28 14:59

Updated : 2018-01-05 02:30

NVD link : CVE-2015-3165

Mitre link : CVE-2015-3165

CVE.ORG link : CVE-2015-3165

JSON object : View

Products Affected

postgresql

postgresql

debian

debian_linux

canonical

ubuntu_linux

apple

mac_os_x_server

CWE

NVD-CWE-Other

{"id": "CVE-2015-3165", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-28T14:59:06.283", "references": [{"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1194.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1195.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1196.html", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2015/dsa-3269", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2015/dsa-3270", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/about/news/1587/", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/docs/9.0/static/release-9-0-20.html", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/docs/9.1/static/release-9-1-16.html", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/docs/9.2/static/release-9-2-11.html", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/docs/9.3/static/release-9-3-7.html", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "http://www.postgresql.org/docs/9.4/static/release-9-4-2.html", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/74787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-2621-1", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201507-20", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/HT205219", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence."}, {"lang": "es", "value": "Vulnerabilidad de doble liberaci\u00f3n en PostgreSQL anterior a 9.0.20, 9.1.x anterior a 9.1.16, 9.2.x anterior a 9.2.11, 9.3.x anterior a 9.3.7, y 9.4.x anterior a 9.4.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante el cierre de una sesi\u00f3n SSL en un momento cuando el fin de sesi\u00f3n de la autenticaci\u00f3n caducar\u00e1 durante la secuencia del cierre de sesi\u00f3n."}], "lastModified": "2018-01-05T02:30:05.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x_server:5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8294E6EF-5FA4-47F1-BAB4-2F1E55731206"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D5A2803-BDCB-4AE4-AA05-5ADA3854DEE9", "versionEndIncluding": "9.0.19"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4796DBEC-FF4F-4749-90D5-AD83D8B5E086"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79108278-D644-4506-BD9C-F464C6E817B7"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10CF0AA0-41CD-4D50-BA7A-BF8846115C95"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "965E1A9D-BB23-4C0B-A9CA-54A1855055B1"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1F37C66-0AFE-4D59-8867-BDBCE656774E"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CE53AE6-232C-4068-98D1-7749007C3CFD"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFD38139-FD17-41E7-8D10-7731D8203CFC"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCC0B41F-38FF-4D41-9E31-D666A84BB2FC"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A591CB08-5CEB-45EB-876F-417DCD60AF53"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0B79735-4CF5-4038-9FC4-12A58790B15A"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A74DAF9-516D-44BC-B09A-73395EF72873"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B58318BE-FB71-4183-A1F4-5FD207885A89"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D931436-34EB-4C42-8F2B-713662DF6627"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F2289C7-7E77-41E7-94A6-44B1F9F17CB8"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9DDEEEC-492D-4F45-B009-3642887843BE"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F676407-46E1-4737-9162-0E6AB1D3E8AD"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD27648F-E2FF-4779-97F9-2632DCC6B16D"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEFB4916-8B59-4534-804C-CF9DA1B18508"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3413A3AB-45A3-48E1-9B30-1194C4E7D49D"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5760CE83-4802-42A0-9338-E1E634882450"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B41009E-4028-4D82-B8D0-8B949EDC0A68"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "832F3EBE-A92C-4FB3-BF3C-0E7B750F966B"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1571EE80-55A6-4F91-909B-C46BA19EC76F"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2848E3BC-293A-4A75-BEB7-C2F1637AD3E0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADC9133E-94FC-4199-BD69-BBB46CF3799F"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "200172CE-40AB-49E3-93D1-9947E3CBFFF8"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E90B21A9-19A7-4DCB-A2FE-C558CCB6BBB1"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B890251-95EB-44F3-A6A7-F718F3C807B0"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2E5BD02-8C3D-4687-88DE-1C00366270E7"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "709F5DF9-9F3A-42C3-890B-521B13118C0E"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14D85A34-C897-4E52-8F97-18CA51C5461A"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A40DAD2B-A6D4-43D8-B282-A3C672356D6A"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC2FE391-9414-480E-A9B1-CF70280E315E"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55B6A4ED-FA3B-4251-BF82-755F95277CF9"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F56BE7CE-E2B6-4089-88CC-5F28FAC602AB"}, {"criteria": "cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A587AF3-5E70-4455-8621-DFD048207DE2"}], "operator": "OR"}]}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/415.html\">CWE-415: Double Free</a>", "sourceIdentifier": "secalert@redhat.com"}

4.3 /10