2023-08-15 01:48:23
Those who work with databases on a regular basis will know that PostgreSQL is more than just a name. It has an impressive history spanning over 30 years, and now serves as an effective object-relational database system that is open source. Due to its ability to store and grow even the most complex data workloads, it has become the database of choice for a wide variety of applications, ranging from websites to mobile and analytics systems. The widely used open source object-relational database system PostgreSQL has been found to have a major security flaw. The vulnerability, identified as CVE-2023-39417, has a significant CVSS score of 7.5 and grants the attacker the ability to execute arbitrary code as a boot superuser if the attacker also has the ability to create databases at the base level. of data. The vulnerability can be exploited in the PostgreSQL extension script if an administrator has installed files of a vulnerable, trusted, and unbundled extension. The vulnerability is present in the PostgreSQL extension script. When using the @extowner@, @extschema@, or @extschema:…@ functions, there is a security flaw because user input is not sanitized properly. This flaw is the root source of the vulnerability.
An adversary can exploit this flaw by sending malicious data to a PostgreSQL database running an exploitable version of the program. The malicious input may be in the form of an SQL query, or it may be a parameter to a function. As soon as the attacker sends the malicious input, he can execute arbitrary code in the context of the boot root.
The boot superuser is a single user account that has full authority over a PostgreSQL database. This account can only be accessed through the startup script. This indicates that an adversary who can run arbitrary code as the boot superuser has the ability to do whatever he wants with the database. This includes data theft, data deletion, or data alteration.
All PostgreSQL versions 11, 12, 13, 14, and 15 are susceptible to the CVE-2023-39417 issue. The fixed versions are 11.21, 12.16, 13.12, 14.9 and 15.4. PostgreSQL has made a patch available that prevents this attack from occurring at the fundamental server level. The remediation process is made easier by the fact that users do not have to edit individual extensions. It is imperative that you install this necessary update as soon as possible as the security of your data depends on it.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.
Send news tips to [email protected] or www.instagram.com/iicsorg/
You can also find us on Telegram www.t.me/noticiasciberseguridad
#Hacking #PostgreSQL #applications #SQL #injection #vulnerability