Vulnerabilities > CVE-2012-0101 - Remote Security vulnerability in Oracle MySQL Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
Vulnerable Configurations
Nessus
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0127.NASL description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 57951 published 2012-02-15 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57951 title CentOS 5 : mysql (CESA-2012:0127) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2012:0127 and # CentOS Errata and Security Advisory 2012:0127 respectively. # include("compat.inc"); if (description) { script_id(57951); script_version("1.8"); script_cvs_date("Date: 2020/01/07"); script_cve_id("CVE-2010-1849", "CVE-2012-0075", "CVE-2012-0087", "CVE-2012-0101", "CVE-2012-0102", "CVE-2012-0114", "CVE-2012-0484", "CVE-2012-0490"); script_bugtraq_id(51502, 51505, 51509, 51515, 51520, 51524, 51526); script_xref(name:"RHSA", value:"2012:0127"); script_name(english:"CentOS 5 : mysql (CESA-2012:0127)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically." ); # https://lists.centos.org/pipermail/centos-announce/2012-February/018429.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a361de5d" ); script_set_attribute( attribute:"solution", value:"Update the affected mysql packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-1849"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/08"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/15"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"mysql-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"mysql-bench-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"mysql-devel-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"mysql-server-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"CentOS-5", reference:"mysql-test-5.0.95-1.el5_7.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-devel / mysql-server / mysql-test"); }
NASL family Scientific Linux Local Security Checks NASL id SL_20120213_MYSQL_ON_SL5_X.NASL description MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-03-18 modified 2012-08-01 plugin id 61246 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61246 title Scientific Linux Security Update : mysql on SL5.x i386/x86_64 (20120213) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(61246); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-0075", "CVE-2012-0087", "CVE-2012-0101", "CVE-2012-0102", "CVE-2012-0114", "CVE-2012-0484", "CVE-2012-0490"); script_name(english:"Scientific Linux Security Update : mysql on SL5.x i386/x86_64 (20120213)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically." ); # http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html script_set_attribute( attribute:"see_also", value:"https://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1202&L=scientific-linux-errata&T=0&P=2333 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ce807d2b" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-test"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/18"); script_set_attribute(attribute:"patch_publication_date", value:"2012/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"mysql-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"SL5", reference:"mysql-bench-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"SL5", reference:"mysql-debuginfo-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"SL5", reference:"mysql-devel-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"SL5", reference:"mysql-server-5.0.95-1.el5_7.1")) flag++; if (rpm_check(release:"SL5", reference:"mysql-test-5.0.95-1.el5_7.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-debuginfo / mysql-devel / mysql-server / etc"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201308-06.NASL description The remote host is affected by the vulnerability described in GLSA-201308-06 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 69508 published 2013-08-30 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69508 title GLSA-201308-06 : MySQL: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-274.NASL description mariadb update to version 5.2.12 fixes several security issues and bugs. Please refer to the following upstream announcements for details : http://kb.askmonty.org/v/mariadb-5212-release-notes http://kb.askmonty.org/v/mariadb-5211-release-notes http://kb.askmonty.org/v/mariadb-5210-release-notes last seen 2020-06-05 modified 2014-06-13 plugin id 74624 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74624 title openSUSE Security Update : mariadb (openSUSE-2012-274) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0127.NASL description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-04-16 modified 2012-02-14 plugin id 57930 published 2012-02-14 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57930 title RHEL 5 : mysql (RHSA-2012:0127) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0105.NASL description From Red Hat Security Advisory 2012:0105 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 68453 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68453 title Oracle Linux 6 : mysql (ELSA-2012-0105) NASL family Databases NASL id MYSQL_5_0_95.NASL description The version of MySQL 5.0 installed on the remote host is earlier than 5.0.95. Such versions are affected by multiple vulnerabilities. Details are not public yet. last seen 2020-06-01 modified 2020-06-02 plugin id 57604 published 2012-01-19 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57604 title MySQL 5.0 < 5.0.95 Multiple Vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1397-1.NASL description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.ht ml. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 58325 published 2012-03-13 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58325 title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1397-1) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBMYSQLCLIENT-DEVEL-120731.NASL description MySQL has been upgraded to version 5.0.96 to fix several vulnerabilities. last seen 2020-06-05 modified 2013-01-25 plugin id 64183 published 2013-01-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64183 title SuSE 11.1 Security Update : MySQL (SAT Patch Number 6613) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL14410.NASL description For BIG-IP systems using the MySQL database, the following MySQL vulnerabilities may allow local users to gain knowledge of sensitive information, manipulate certain data, or cause a Denial of Service (DoS):CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112 CVE-2012-0113 CVE-2012-0114 CVE-2012-0115 CVE-2012-0116 CVE-2012-0117 CVE-2012-0118 CVE-2012-0119 CVE-2012-0120 CVE-2012-0484 CVE-2012-0485 CVE-2012-0486 CVE-2012-0487 CVE-2012-0488 CVE-2012-0489 CVE-2012-0490 CVE-2012-0491 CVE-2012-0492 CVE-2012-0493 CVE-2012-0494 CVE-2012-0495 CVE-2012-0496 For Enterprise Manager systems, the following MySQL vulnerability may also allow remote users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS : CVE-2011-2262 last seen 2020-06-01 modified 2020-06-02 plugin id 78149 published 2014-10-10 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78149 title F5 Networks BIG-IP : Multiple MySQL vulnerabilities (K14410) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2012-44.NASL description This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2011-2262 , CVE-2012-0075 , CVE-2012-0087 , CVE-2012-0101 , CVE-2012-0102 , CVE-2012-0112 , CVE-2012-0113 , CVE-2012-0114 , CVE-2012-0115 , CVE-2012-0116 , CVE-2012-0118 , CVE-2012-0119 , CVE-2012-0120 , CVE-2012-0484 , CVE-2012-0485 , CVE-2012-0490 , CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes : last seen 2020-06-01 modified 2020-06-02 plugin id 69651 published 2013-09-04 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69651 title Amazon Linux AMI : mysql (ALAS-2012-44) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2429.NASL description Due to the non-disclosure of security patch information from Oracle, we are forced to ship an upstream version update of MySQL 5.1. There are several known incompatible changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz. Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL release notes at: . last seen 2020-03-17 modified 2012-03-08 plugin id 58277 published 2012-03-08 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58277 title Debian DSA-2429-1 : mysql-5.1 - several vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2012-0105.NASL description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-04-16 modified 2012-02-09 plugin id 57871 published 2012-02-09 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57871 title RHEL 6 : mysql (RHSA-2012:0105) NASL family Scientific Linux Local Security Checks NASL id SL_20120208_MYSQL_ON_SL6_X.NASL description MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-03-18 modified 2012-08-01 plugin id 61239 published 2012-08-01 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/61239 title Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20120208) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2012-0127.NASL description From Red Hat Security Advisory 2012:0127 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490) These updated packages upgrade MySQL to version 5.0.95. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 68457 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68457 title Oracle Linux 5 : mysql (ELSA-2012-0127) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2012-0105.NASL description Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes : http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 57878 published 2012-02-10 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57878 title CentOS 6 : mysql (CESA-2012:0105) NASL family Databases NASL id MYSQL_5_1_61.NASL description The version of MySQL 5.1 installed on the remote host is earlier than 5.1.61. Such versions are affected by multiple, as yet unspecified vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 57605 published 2012-01-19 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57605 title MySQL 5.1 < 5.1.61 Multiple Vulnerabilities
Redhat
rpms |
|
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html
- http://osvdb.org/78378
- http://secunia.com/advisories/48250
- http://secunia.com/advisories/53372
- http://security.gentoo.org/glsa/glsa-201308-06.xml
- http://www.debian.org/security/2012/dsa-2429
- http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
- http://www.ubuntu.com/usn/USN-1397-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72520