Short Name |
DB:POSTGRESQL:DBA-AUTH-BYPASS |
---|---|
Severity |
Major |
Recommended |
No |
Category |
DB |
Keywords |
Postgres Plus Advanced Server DBA Management Server Component Authentication Bypass |
Release Date |
2011/04/14 |
Update Number |
1902 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against the DBA Management Server component of Postgres Plus Advanced Server. This issue occurs because the component fails to properly handle client authentication allowing access to the 'jmx-console' or web-console' directly. Attackers can exploit this vulnerability to execute arbitrary code within the context of the vulnerable server.
The DBA Management Server component of Postgres Plus Advanced Server is prone to an authentication-bypass vulnerability. Attackers can exploit this vulnerability to execute arbitrary code within the context of the vulnerable server. Postgres Plus Advanced Server 8.4 is vulnerable.