Alibaba Cloud's Cloud Firewall has been able to defend against the malicious file writing vulnerability of PostgreSQL.
PostgreSQL is a powerful, open-source object-relational database that runs on multiple operating systems. The PostgreSQL function
Lo_export can be called to export large objects to a file. Once an attacker obtains PostgreSQL database privileges, the attacker can use the
Lo_export functions to import malicious library files and execute system commands.
Rule type: Command execution
Risk level: High
Scope of impact: PostgreSQL databases
Rule-based defense: Cloud Firewall has been able to defend against this vulnerability. We recommend that you enable intrusion prevention policies in the Cloud Firewall console.