PT-2014-3462 · Postgresql+1
Published: 2014-03-28 · Updated: 2024-06-15 · CVE-2014-0067
CVSS v2.0: 4.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
PostgreSQL versions 9.3.3 and earlier
Description
The issue allows local users to gain privileges by leveraging access to a database cluster used for test suites. This is due to the "make check" command not properly invoking initdb to specify authentication requirements for the cluster. Unauthenticated users may gain access to the database server during the "make check" process.
Recommendations
For PostgreSQL versions 9.3.3 and earlier, consider restricting access to the database cluster used for test suites until a proper fix is applied. As a temporary workaround, ensure that only authorized users have access to the "make check" command to minimize the risk of exploitation.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Postgresql
Suse