Endpoint Vulnerability

PostgreSQL: Unauthenticated users may gain access to the database server during 'make check'..more details

Description

The 'make check' command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.

Affected Products

PostgreSQL

References

CVE-2014-0067,