Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-5288 - Vulnerability Database
PostgreSQL

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-5288

Medium
Reference: CVE-2015-5288
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5288
Title: PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23 9.1.x before 9.1.19 9.2.x before 9.2.14 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a quottoo-shortquot salt.