What is the severity of CVE-2014-0067?

CVE-2014-0067 has a severity level that allows local users to gain higher privileges on the affected systems.

How do I fix CVE-2014-0067?

To mitigate CVE-2014-0067, ensure you upgrade PostgreSQL to a version later than 9.3.3.

Which systems are affected by CVE-2014-0067?

CVE-2014-0067 affects PostgreSQL versions 9.3.3 and earlier, along with various OS versions like macOS Yosemite and Apple Mac OS X Server.

What type of vulnerability is CVE-2014-0067?

CVE-2014-0067 is a local privilege escalation vulnerability due to improper configuration during test suite setups.

Can I be attacked through CVE-2014-0067 if my PostgreSQL version is up to date?

If you are using a version of PostgreSQL later than 9.3.3, you are not vulnerable to CVE-2014-0067.

Vulnerability/
CVE-2014-0067

medium

4.6

CWE

264

28/3/2014

12/4/2025

CVE-2014-0067

First published: Fri Mar 28 2014(Updated: )

The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Apple iOS and macOS	=10.10.4
Apple iOS and macOS	=5.0.3
PostgreSQL	<=8.4.19
PostgreSQL	=8.4.1
PostgreSQL	=8.4.2
PostgreSQL	=8.4.3
PostgreSQL	=8.4.4
PostgreSQL	=8.4.5
PostgreSQL	=8.4.6
PostgreSQL	=8.4.7
PostgreSQL	=8.4.8
PostgreSQL	=8.4.9
PostgreSQL	=8.4.10
PostgreSQL	=8.4.11
PostgreSQL	=8.4.12
PostgreSQL	=8.4.13
PostgreSQL	=8.4.14
PostgreSQL	=8.4.15
PostgreSQL	=8.4.16
PostgreSQL	=8.4.17
PostgreSQL	=8.4.18
PostgreSQL	=9.0
PostgreSQL	=9.0.1
PostgreSQL	=9.0.2
PostgreSQL	=9.0.3
PostgreSQL	=9.0.4
PostgreSQL	=9.0.5
PostgreSQL	=9.0.6
PostgreSQL	=9.0.7
PostgreSQL	=9.0.8
PostgreSQL	=9.0.9
PostgreSQL	=9.0.10
PostgreSQL	=9.0.11
PostgreSQL	=9.0.12
PostgreSQL	=9.0.13
PostgreSQL	=9.0.14
PostgreSQL	=9.0.15
PostgreSQL	=9.1
PostgreSQL	=9.1.1
PostgreSQL	=9.1.2
PostgreSQL	=9.1.3
PostgreSQL	=9.1.4
PostgreSQL	=9.1.5
PostgreSQL	=9.1.6
PostgreSQL	=9.1.7
PostgreSQL	=9.1.8
PostgreSQL	=9.1.9
PostgreSQL	=9.1.10
PostgreSQL	=9.1.11
PostgreSQL	=9.2
PostgreSQL	=9.2.1
PostgreSQL	=9.2.2
PostgreSQL	=9.2.3
PostgreSQL	=9.2.4
PostgreSQL	=9.2.5
PostgreSQL	=9.2.6
PostgreSQL	=9.3
PostgreSQL	=9.3.1
PostgreSQL	=9.3.2
	=10.10.4
	=5.0.3
	<=8.4.19
	=8.4.1
	=8.4.2
	=8.4.3
	=8.4.4
	=8.4.5
	=8.4.6
	=8.4.7
	=8.4.8
	=8.4.9
	=8.4.10
	=8.4.11
	=8.4.12
	=8.4.13
	=8.4.14
	=8.4.15
	=8.4.16
	=8.4.17
	=8.4.18
	=9.0
	=9.0.1
	=9.0.2
	=9.0.3
	=9.0.4
	=9.0.5
	=9.0.6
	=9.0.7
	=9.0.8
	=9.0.9
	=9.0.10
	=9.0.11
	=9.0.12
	=9.0.13
	=9.0.14
	=9.0.15
	=9.1
	=9.1.1
	=9.1.2
	=9.1.3
	=9.1.4
	=9.1.5
	=9.1.6
	=9.1.7
	=9.1.8
	=9.1.9
	=9.1.10
	=9.1.11
	=9.2
	=9.2.1
	=9.2.2
	=9.2.3
	=9.2.4
	=9.2.5
	=9.2.6
	=9.3
	=9.3.1
	=9.3.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0067?
CVE-2014-0067 has a severity level that allows local users to gain higher privileges on the affected systems.
How do I fix CVE-2014-0067?
To mitigate CVE-2014-0067, ensure you upgrade PostgreSQL to a version later than 9.3.3.
Which systems are affected by CVE-2014-0067?
CVE-2014-0067 affects PostgreSQL versions 9.3.3 and earlier, along with various OS versions like macOS Yosemite and Apple Mac OS X Server.
What type of vulnerability is CVE-2014-0067?
CVE-2014-0067 is a local privilege escalation vulnerability due to improper configuration during test suite setups.
Can I be attacked through CVE-2014-0067 if my PostgreSQL version is up to date?
If you are using a version of PostgreSQL later than 9.3.3, you are not vulnerable to CVE-2014-0067.

agent/type
agent/references
agent/severity
agent/author
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
agent/event
vendor/apple
canonical/apple ios and macos
version/apple ios and macos/10.10.4
version/apple ios and macos/5.0.3
vendor/postgresql
canonical/postgresql
version/postgresql/8.4.19
version/postgresql/8.4.1
version/postgresql/8.4.2
version/postgresql/8.4.3
version/postgresql/8.4.4
version/postgresql/8.4.5
version/postgresql/8.4.6
version/postgresql/8.4.7
version/postgresql/8.4.8
version/postgresql/8.4.9
version/postgresql/8.4.10
version/postgresql/8.4.11
version/postgresql/8.4.12
version/postgresql/8.4.13
version/postgresql/8.4.14
version/postgresql/8.4.15
version/postgresql/8.4.16
version/postgresql/8.4.17
version/postgresql/8.4.18
version/postgresql/9.0
version/postgresql/9.0.1
version/postgresql/9.0.2
version/postgresql/9.0.3
version/postgresql/9.0.4
version/postgresql/9.0.5
version/postgresql/9.0.6
version/postgresql/9.0.7
version/postgresql/9.0.8
version/postgresql/9.0.9
version/postgresql/9.0.10
version/postgresql/9.0.11
version/postgresql/9.0.12
version/postgresql/9.0.13
version/postgresql/9.0.14
version/postgresql/9.0.15
version/postgresql/9.1
version/postgresql/9.1.1
version/postgresql/9.1.2
version/postgresql/9.1.3
version/postgresql/9.1.4
version/postgresql/9.1.5
version/postgresql/9.1.6
version/postgresql/9.1.7
version/postgresql/9.1.8
version/postgresql/9.1.9
version/postgresql/9.1.10
version/postgresql/9.1.11
version/postgresql/9.2
version/postgresql/9.2.1
version/postgresql/9.2.2
version/postgresql/9.2.3
version/postgresql/9.2.4
version/postgresql/9.2.5
version/postgresql/9.2.6
version/postgresql/9.3
version/postgresql/9.3.1
version/postgresql/9.3.2