Attacker Value
Unknown
CVE-2016-1255
CVE-2016-1255
(Last updated October 05, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04 before 179ubuntu0.1, and in Ubuntu 17.10 before 184ubuntu1.1 allows local users to gain root privileges via a symlink attack on a logfile in /var/log/postgresql.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.8 High
Impact Score:
5.9
Exploitability Score:
1.8
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
General Information
Vendors
- debian
Products
- postgresql-common 1,
- postgresql-common 10,
- postgresql-common 100,
- postgresql-common 101,
- postgresql-common 102,
- postgresql-common 103,
- postgresql-common 104,
- postgresql-common 105,
- postgresql-common 106,
- postgresql-common 107,
- postgresql-common 108,
- postgresql-common 109,
- postgresql-common 11,
- postgresql-common 110,
- postgresql-common 111,
- postgresql-common 112,
- postgresql-common 113,
- postgresql-common 114,
- postgresql-common 115,
- postgresql-common 116,
- postgresql-common 117,
- postgresql-common 118,
- postgresql-common 119,
- postgresql-common 12,
- postgresql-common 120,
- postgresql-common 121,
- postgresql-common 122,
- postgresql-common 122ubuntu1,
- postgresql-common 123,
- postgresql-common 124,
- postgresql-common 125,
- postgresql-common 126,
- postgresql-common 127,
- postgresql-common 128,
- postgresql-common 129,
- postgresql-common 129ubuntu1,
- postgresql-common 13,
- postgresql-common 130,
- postgresql-common 131,
- postgresql-common 132,
- postgresql-common 133,
- postgresql-common 134,
- postgresql-common 135,
- postgresql-common 136,
- postgresql-common 137,
- postgresql-common 138,
- postgresql-common 139,
- postgresql-common 14,
- postgresql-common 140,
- postgresql-common 141,
- postgresql-common 142,
- postgresql-common 143,
- postgresql-common 144,
- postgresql-common 145,
- postgresql-common 146,
- postgresql-common 147,
- postgresql-common 148,
- postgresql-common 149,
- postgresql-common 15,
- postgresql-common 150,
- postgresql-common 151,
- postgresql-common 152,
- postgresql-common 153,
- postgresql-common 153bzr1,
- postgresql-common 154,
- postgresql-common 154ubuntu1,
- postgresql-common 155,
- postgresql-common 156,
- postgresql-common 157,
- postgresql-common 158,
- postgresql-common 159,
- postgresql-common 16,
- postgresql-common 160,
- postgresql-common 161,
- postgresql-common 162,
- postgresql-common 163,
- postgresql-common 164,
- postgresql-common 169git1,
- postgresql-common 17,
- postgresql-common 170,
- postgresql-common 171,
- postgresql-common 172,
- postgresql-common 172ubuntu1,
- postgresql-common 173,
- postgresql-common 176+git1,
- postgresql-common 177git1,
- postgresql-common 177ubuntu1,
- postgresql-common 178,
- postgresql-common 179,
- postgresql-common 18,
- postgresql-common 181,
- postgresql-common 181ubuntu1,
- postgresql-common 183,
- postgresql-common 184,
- postgresql-common 184ubuntu1,
- postgresql-common 19,
- postgresql-common 2,
- postgresql-common 20,
- postgresql-common 21,
- postgresql-common 22,
- postgresql-common 23,
- postgresql-common 24,
- postgresql-common 25,
- postgresql-common 26,
- postgresql-common 27,
- postgresql-common 28,
- postgresql-common 29,
- postgresql-common 3,
- postgresql-common 30,
- postgresql-common 31,
- postgresql-common 32,
- postgresql-common 33,
- postgresql-common 34,
- postgresql-common 35,
- postgresql-common 36,
- postgresql-common 37,
- postgresql-common 38,
- postgresql-common 39,
- postgresql-common 4,
- postgresql-common 40,
- postgresql-common 41,
- postgresql-common 42,
- postgresql-common 43,
- postgresql-common 44,
- postgresql-common 45,
- postgresql-common 46,
- postgresql-common 47,
- postgresql-common 48,
- postgresql-common 49,
- postgresql-common 5,
- postgresql-common 50,
- postgresql-common 51,
- postgresql-common 52,
- postgresql-common 53,
- postgresql-common 54,
- postgresql-common 55,
- postgresql-common 56,
- postgresql-common 57,
- postgresql-common 58,
- postgresql-common 59,
- postgresql-common 6,
- postgresql-common 60,
- postgresql-common 61,
- postgresql-common 62,
- postgresql-common 63,
- postgresql-common 64,
- postgresql-common 65,
- postgresql-common 66,
- postgresql-common 67,
- postgresql-common 68,
- postgresql-common 69,
- postgresql-common 7,
- postgresql-common 70,
- postgresql-common 71,
- postgresql-common 72,
- postgresql-common 73,
- postgresql-common 74,
- postgresql-common 75,
- postgresql-common 76,
- postgresql-common 77,
- postgresql-common 78,
- postgresql-common 79,
- postgresql-common 8,
- postgresql-common 80,
- postgresql-common 81,
- postgresql-common 82,
- postgresql-common 83,
- postgresql-common 84,
- postgresql-common 85,
- postgresql-common 86,
- postgresql-common 87,
- postgresql-common 88,
- postgresql-common 89,
- postgresql-common 9,
- postgresql-common 90,
- postgresql-common 91,
- postgresql-common 92,
- postgresql-common 93,
- postgresql-common 94,
- postgresql-common 95,
- postgresql-common 96,
- postgresql-common 97,
- postgresql-common 98,
- postgresql-common 99
References
Advisory
