Bug 1707098 (CVE-2019-10127) - CVE-2019-10127 postgresql: BigSQL installer does not clear permissive ACL entries
Status: CLOSED NOTABUG
Alias: CVE-2019-10127
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
Blocks: 1707112 1940787
Reported: 2019-05-06 19:45 UTC by Pedro Sampaio
Modified: 2021-03-19 07:24 UTC

Doc Text:
The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbitrary data directory files, essentially bypassing database-imposed read access limitations. An attacker having only the unprivileged Windows account can also delete certain data directory files.
Last Closed: 2019-05-13 07:14:25 UTC

Description Pedro Sampaio 2019-05-06 19:45:20 UTC
The Windows installer for BigSQL-supplied PostgreSQL does not lock down the
ACL of the binary installation directory or the ACL of the data directory; it
keeps the inherited ACL. In the default configuration, an attacker having
both an unprivileged Windows account and an unprivileged PostgreSQL account
can cause the PostgreSQL service account to execute arbitrary code. An
attacker having only the unprivileged Windows account can read arbitrary data
directory files, essentially bypassing database-imposed read access
limitations. An attacker having only the unprivileged Windows account can
also delete certain data directory files.
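
A defender's check for the condition described above, as an added example that is not part of the original bug report or of BigSQL's or PostgreSQL's own code: this PowerShell script lists allow entries held by broad unprivileged groups on the binary and data directories and warns when a directory still inherits its ACL. The default paths are placeholders, and the list of groups treated as broad is an assumption.

```powershell
param(
    # Placeholder paths (assumptions): binary directory and data directory.
    [string[]]$Path = @('C:\path\to\postgresql\bin', 'C:\path\to\postgresql\data')
)
$sidType = [System.Security.Principal.SecurityIdentifier]
# Broad unprivileged groups by well-known SID (assumed list; SIDs are not localized).
$broad = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}
# File-specific bits plus the generic bits (GENERIC_READ 0x80000000,
# GENERIC_WRITE 0x40000000, GENERIC_ALL 0x10000000) that inherit-only ACEs may carry.
$readMask = [int][System.Security.AccessControl.FileSystemRights]'ReadData' -bor
    0x80000000 -bor 0x10000000
$changeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership' -bor
    0x40000000 -bor 0x10000000

foreach ($p in $Path) {
    if (-not (Test-Path -LiteralPath $p)) { Write-Warning "Not found: $p"; continue }
    $acl = Get-Acl -LiteralPath $p
    # An unprotected ACL keeps accepting whatever the parent directory grants.
    if (-not $acl.AreAccessRulesProtected) {
        Write-Warning "$p still inherits ACL entries from its parent"
    }
    # Explicit and inherited entries, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or -not $broad.ContainsKey($sid)) { continue }
        $bits = [int]$ace.FileSystemRights
        $finding = @()
        if ($bits -band $readMask)   { $finding += 'read' }
        if ($bits -band $changeMask) { $finding += 'modify/delete' }
        if ($finding) {
            [pscustomobject]@{
                Path      = $p
                Identity  = $broad[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
                Finding   = $finding -join ', '
            }
        }
    }
}
```

The script inspects only the ACL of each directory itself, not of every file beneath it.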

Comment 3 Pedro Sampaio 2019-05-06 19:55:03 UTC
Acknowledgments:

Name: Noah Misch, the PostgreSQL Project
Upstream: Conner Jones

Comment 5 Doran Moppert 2019-05-15 05:14:50 UTC
External References:

https://www.postgresql.org/about/news/1939/

