An investigation into PostgreSQL for fictional organisation

Aholynomic/software-sec-report

software-sec-report

An investigation into PostgreSQL for a fictitious organisation. Completed for an assessment in CMP417.

Within the organisation, modifications to its database version introduced a security fault into the software, specifically CWE-787, an out-of-bounds write. This would cause the vulnerability CVE-2019-10164, which could be devastating if an attacker were able to exploit it.

To remediate this, static analysis tools and manual code review were recommended to fix these types of issues in the future, and therefore fix the vulnerability affecting the database.

Grade: A+
