{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"PostgreSQL 7.x et versions ant\u00e9rieures ;","product":{"name":"PostgreSQL","vendor":{"name":"PostgreSQL","scada":false}}},{"description":"PostgreSQL 8.x et versions ant\u00e9rieures.","product":{"name":"PostgreSQL","vendor":{"name":"PostgreSQL","scada":false}}}],"affected_systems_content":"","content":"## Description\n\nPostgreSQL est un outil de base de donn\u00e9es Open Source.\n\nDeux vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans PostgreSQL permettent \u00e0 un\nutilisateur mal intentionn\u00e9 ayant acc\u00e8s au r\u00e9seau local d'\u00e9lever ses\nprivil\u00e8ges ou d'effectuer un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n\nLa mise \u00e0 jour pour PostgreSQL est accessible \u00e0 l'adresse suivante :\n\n    http://www.postgresql.org/download/\n","cves":[{"name":"CVE-2005-1410","url":"https://www.cve.org/CVERecord?id=CVE-2005-1410"},{"name":"CVE-2005-1409","url":"https://www.cve.org/CVERecord?id=CVE-2005-1409"}],"links":[{"title":"Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 3 pour PostgreSQL :","url":"http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/"},{"title":"Site Internet de PostgreSQL :","url":"http://www.postgresql.org"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200505-12 du 15 mai 2005 :","url":"http://www.gentoo.org/security/en/glsa/glsa-200505-12.xml"},{"title":"Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2005:093 du 26 mai 2005    :","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005-:093"},{"title":"Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 2 pour PostgreSQL :","url":"http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/"},{"title":"Annonces des vuln\u00e9rabilit\u00e9s :","url":"http://www.postgresql.org/about/news.322"},{"title":"Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2005:433-17 du 01 juin    2005 :","url":"https://rhn.redhat.com/errata/RHSA-2005-433.html"},{"title":"Annonces des vuln\u00e9rabilit\u00e9s :","url":"http://www.postgresql.org/about/news.315"}],"reference":"CERTA-2005-AVI-166","revisions":[{"description":"version initiale.","revision_date":"2005-05-17T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandriva et RedHat.","revision_date":"2005-06-03T00:00:00.000000"},{"description":"ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.","revision_date":"2006-02-20T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"","title":"Multiples vuln\u00e9rabilit\u00e9s dans PostgreSQL","vendor_advisories":[{"published_at":"2005-05-15","title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200505-12","url":"http://www.gentoo.org/security/en/glsa/glsa-200505-12.xml"}]}