1707102 – (CVE-2019-10128) CVE-2019-10128 postgresql: EnterpriseDB installer does not clear permissive ACL entries

Bug 1707102 (CVE-2019-10128) - CVE-2019-10128 postgresql: EnterpriseDB installer does not clear permissive ACL entries

Summary: CVE-2019-10128 postgresql: EnterpriseDB installer does not clear permissive A...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2019-10128
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1707112 1940788
TreeView+	depends on / blocked

Reported:	2019-05-06 19:53 UTC by Pedro Sampaio
Modified:	2021-03-19 07:28 UTC (History)
CC List:	47 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code.
Clone Of:
Environment:
Last Closed:	2019-05-13 07:14:45 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pedro Sampaio 2019-05-06 19:53:19 UTC

The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down
the ACL of the binary installation directory or the ACL of the data directory;
it keeps the inherited ACL. In the default configuration, this allows a local
attacker to read arbitrary data directory files, essentially bypassing
database-imposed read access limitations. In plausible non-default
configurations, an attacker having both an unprivileged Windows account and an
unprivileged PostgreSQL account can cause the PostgreSQL service account to
execute arbitrary code.

Comment 2 Pedro Sampaio 2019-05-06 19:55:27 UTC

Acknowledgments:

Name: Noah Misch, the PostgreSQL Project

Comment 4 Doran Moppert 2019-05-15 05:15:09 UTC

External References:

https://www.postgresql.org/about/news/1939/

Note You need to log in before you can comment on or make changes to this bug.

anon.amish
bbuckingham
bcourt
bkearney
bmcclain
btotty
dajohnso
databases-maint
dblechte
devrim
dfediuck
dmetzger
eedri
gacton
gblomqui
gmainwar
gmccullo
gtanzill
hhorak
hhudgeon
jfrey
jhardy
jlaska
jmlich83
jorton
jprause
jstanek
kdixon
mgoldboi
michal.skrivanek
mike
mmccune
mperina
obarenbo
panovotn
pkajaba
pkubat
praiskup
rchan
rjerrido
roliveri
sbonazzo
security-response-team
sherold
simaishi
tgl
tlestach