Vulnerabilities > CVE-2013-5891
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_LIBMYSQL55CLIENT18-140527.NASL description MySQL was updated to version 5.5.37 to address various security issues. More information is available at http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml#AppendixMSQL and http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.h tml#AppendixMSQL . last seen 2020-06-05 modified 2014-06-07 plugin id 74373 published 2014-06-07 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74373 title SuSE 11.3 Security Update : MySQL (SAT Patch Number 9303) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(74373); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2013-4316", "CVE-2013-5860", "CVE-2013-5881", "CVE-2013-5882", "CVE-2013-5891", "CVE-2013-5894", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0384", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0427", "CVE-2014-0430", "CVE-2014-0431", "CVE-2014-0433", "CVE-2014-0437", "CVE-2014-2419", "CVE-2014-2430", "CVE-2014-2431", "CVE-2014-2432", "CVE-2014-2434", "CVE-2014-2435", "CVE-2014-2436", "CVE-2014-2438", "CVE-2014-2440", "CVE-2014-2442", "CVE-2014-2444", "CVE-2014-2450", "CVE-2014-2451"); script_name(english:"SuSE 11.3 Security Update : MySQL (SAT Patch Number 9303)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "MySQL was updated to version 5.5.37 to address various security issues. More information is available at http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml#AppendixMSQL and http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.h tml#AppendixMSQL ." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=858823" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=861493" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=873896" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-4316.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5860.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5881.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5882.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5891.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5894.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-5908.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0001.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0384.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0386.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0393.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0401.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0402.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0412.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0420.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0427.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0430.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0431.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0433.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-0437.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2419.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2430.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2431.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2432.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2434.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2435.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2436.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2438.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2440.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2442.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2444.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2450.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2014-2451.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9303."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysql55client18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysql55client18-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysql55client_r18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysql55client_r18-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysqlclient15"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mysql-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mysql-tools"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2014/05/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3"); flag = 0; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libmysql55client18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libmysql55client_r18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libmysqlclient15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libmysqlclient_r15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mysql-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"mysql-client-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysql55client18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysql55client18-32bit-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysql55client_r18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysql55client_r18-32bit-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysqlclient15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysqlclient15-32bit-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysqlclient_r15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libmysqlclient_r15-32bit-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mysql-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"mysql-client-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"libmysql55client18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"libmysql55client_r18-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"libmysqlclient15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"libmysqlclient_r15-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"mysql-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"mysql-client-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, reference:"mysql-tools-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"libmysql55client18-32bit-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"s390x", reference:"libmysqlclient15-32bit-5.0.96-0.6.11")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libmysql55client18-32bit-5.5.37-0.7.1")) flag++; if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"libmysqlclient15-32bit-5.0.96-0.6.11")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Databases NASL id MYSQL_5_5_34.NASL description The version of MySQL installed on the remote host is 5.5.x prior to 5.5.34. It is, therefore, potentially affected by vulnerabilities in the following components : - InnoDB - Locking - Partition - Optimizer last seen 2020-04-30 modified 2014-01-15 plugin id 71973 published 2014-01-15 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71973 title MySQL 5.5 < 5.5.34 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(71973); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/27"); script_cve_id( "CVE-2013-5891", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0402" ); script_bugtraq_id(64877, 64891, 64904, 64908); script_name(english:"MySQL 5.5 < 5.5.34 Multiple Vulnerabilities"); script_summary(english:"Checks version of MySQL server"); script_set_attribute(attribute:"synopsis", value: "The remote database server may be affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of MySQL installed on the remote host is 5.5.x prior to 5.5.34. It is, therefore, potentially affected by vulnerabilities in the following components : - InnoDB - Locking - Partition - Optimizer"); # https://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixMSQL script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1ac50e41"); script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-34.html"); script_set_attribute(attribute:"solution", value:"Upgrade to MySQL 5.5.34 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0402"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/14"); script_set_attribute(attribute:"patch_publication_date", value:"2013/09/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/15"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Databases"); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("mysql_version.nasl", "mysql_login.nasl"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Services/mysql", 3306); exit(0); } include("mysql_version.inc"); mysql_check_version(fixed:'5.5.34', min:'5.5', severity:SECURITY_WARNING);NASL family Scientific Linux Local Security Checks NASL id SL_20140218_MYSQL55_MYSQL_ON_SL5_X.NASL description A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) Upstream does not issue any more security advisories for the MySQL 5.0 packages (mysql-5.0.* and related packages). The only trusted way to upgrade from MySQL 5.0 to MySQL 5.5 is by using MySQL 5.1 as an intermediate step. This is why the mysql51* Software Collection packages are provided. Note that the MySQL 5.1 packages are not supported and are provided only for the purposes of migrating to MySQL 5.5. You should not use the mysql51* packages on any of your production systems. Specific instructions for this migration are provided by the upstream Deployment Guide. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-03-18 modified 2014-02-19 plugin id 72569 published 2014-02-19 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72569 title Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20140218) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(72569); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-3839", "CVE-2013-5807", "CVE-2013-5891", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0437"); script_name(english:"Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20140218)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) Upstream does not issue any more security advisories for the MySQL 5.0 packages (mysql-5.0.* and related packages). The only trusted way to upgrade from MySQL 5.0 to MySQL 5.5 is by using MySQL 5.1 as an intermediate step. This is why the mysql51* Software Collection packages are provided. Note that the MySQL 5.1 packages are not supported and are provided only for the purposes of migrating to MySQL 5.5. You should not use the mysql51* packages on any of your production systems. Specific instructions for this migration are provided by the upstream Deployment Guide. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically." ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1402&L=scientific-linux-errata&T=0&P=2317 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?c55fe33a" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql55-mysql-test"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/16"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); flag = 0; if (rpm_check(release:"SL5", reference:"mysql55-mysql-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-bench-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-debuginfo-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-devel-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-libs-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-server-5.5.36-2.el5")) flag++; if (rpm_check(release:"SL5", reference:"mysql55-mysql-test-5.5.36-2.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql55-mysql / mysql55-mysql-bench / mysql55-mysql-debuginfo / etc"); }NASL family Databases NASL id MARIADB_5_5_35.NASL description The version of MariaDB 5.5 running on the remote host is a version prior to 5.5.35. It is, therefore, potentially affected by the following vulnerabilities : - Errors exist related to the following subcomponents : Error Handling, FTS, GIS, InnoDB, Locking, Optimizer, Partition, Performance Schema, Privileges, Replication, and Thread Pooling. (CVE-2013-5860, CVE-2013-5881, CVE-2013-5891, CVE-2013-5894, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0427, CVE-2014-0430, CVE-2014-0431, CVE-2014-0433, CVE-2014-0437) - An unspecified error exists related to stored procedures handling that could allow denial of service attacks. (CVE-2013-5882) - An error exists in the file last seen 2020-06-01 modified 2020-06-02 plugin id 72374 published 2014-02-06 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72374 title MariaDB 5.5 < 5.5.35 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(72374); script_version("1.11"); script_cvs_date("Date: 2019/11/26"); script_cve_id( "CVE-2013-5860", "CVE-2013-5881", "CVE-2013-5882", "CVE-2013-5891", "CVE-2013-5894", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0427", "CVE-2014-0430", "CVE-2014-0431", "CVE-2014-0433", "CVE-2014-0437" ); script_bugtraq_id( 64849, 64854, 64864, 64868, 64873, 64877, 64880, 64885, 64888, 64891, 64893, 64895, 64896, 64897, 64898, 64904, 64908, 65298, 65312 ); script_name(english:"MariaDB 5.5 < 5.5.35 Multiple Vulnerabilities"); script_summary(english:"Checks MariaDB version"); script_set_attribute(attribute:"synopsis", value: "The remote database server is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of MariaDB 5.5 running on the remote host is a version prior to 5.5.35. It is, therefore, potentially affected by the following vulnerabilities : - Errors exist related to the following subcomponents : Error Handling, FTS, GIS, InnoDB, Locking, Optimizer, Partition, Performance Schema, Privileges, Replication, and Thread Pooling. (CVE-2013-5860, CVE-2013-5881, CVE-2013-5891, CVE-2013-5894, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0427, CVE-2014-0430, CVE-2014-0431, CVE-2014-0433, CVE-2014-0437) - An unspecified error exists related to stored procedures handling that could allow denial of service attacks. (CVE-2013-5882) - An error exists in the file 'client/mysql.cc' that could allow a buffer overflow leading to denial of service or possibly arbitrary code execution. (CVE-2014-0001)"); script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-5535-changelog/"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-4974"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5353"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5356"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5396"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5405"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5406"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5453"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5458"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5461"); script_set_attribute(attribute:"see_also", value:"https://mariadb.atlassian.net/browse/MDEV-5504"); script_set_attribute(attribute:"solution", value: "Upgrade to MariaDB 5.5.35 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0001"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/14"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/06"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Databases"); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("mysql_version.nasl", "mysql_login.nasl"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Services/mysql", 3306); exit(0); } include("mysql_version.inc"); mysql_check_version(variant:'MariaDB', fixed:'5.5.35-MariaDB', min:'5.5', severity:SECURITY_HOLE);NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0173.NASL description The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0173. last seen 2020-06-01 modified 2020-06-02 plugin id 72863 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72863 title CentOS 6 : mysql55-mysql (CESA-2014:0173) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:0173 and # CentOS Errata and Security Advisory 2014:0173 respectively. # include("compat.inc"); if (description) { script_id(72863); script_version("1.6"); script_cvs_date("Date: 2020/01/06"); script_cve_id("CVE-2013-3839", "CVE-2013-5807", "CVE-2013-5891", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0437"); script_bugtraq_id(63105, 63109, 64849, 64877, 64880, 64888, 64891, 64896, 64898, 64904, 64908, 65298); script_xref(name:"RHSA", value:"2014:0173"); script_name(english:"CentOS 6 : mysql55-mysql (CESA-2014:0173)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0173." ); # https://lists.centos.org/pipermail/centos-announce/2014-February/020165.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?e1718fd7" ); script_set_attribute( attribute:"solution", value:"Update the affected mysql55-mysql packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0001"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos-scl:mysql55-mysql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/16"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-5.5.36-1.1.el6.centos.alt")) flag++; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-bench-5.5.36-1.1.el6.centos.alt")) flag++; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-devel-5.5.36-1.1.el6.centos.alt")) flag++; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-libs-5.5.36-1.1.el6.centos.alt")) flag++; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-server-5.5.36-1.1.el6.centos.alt")) flag++; if (rpm_check(release:"CentOS-6", cpu:"x86_64", reference:"mysql55-mysql-test-5.5.36-1.1.el6.centos.alt")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql55-mysql / mysql55-mysql-bench / mysql55-mysql-devel / etc"); }NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-028.NASL description Multiple vulnerabilities has been discovered and corrected in mariadb : Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string (CVE-2014-0001). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB (CVE-2014-0412). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0437). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling (CVE-2013-5908). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication (CVE-2014-0420). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB (CVE-2014-0393). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition (CVE-2013-5891). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0386). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors (CVE-2014-0401). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking (CVE-2014-0402). The updated packages have been upgraded to the 5.5.35 version which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 72495 published 2014-02-14 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72495 title Mandriva Linux Security Advisory : mariadb (MDVSA-2014:028) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2014:028. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(72495); script_version("1.5"); script_cvs_date("Date: 2019/08/02 13:32:55"); script_cve_id("CVE-2013-5891", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0437"); script_bugtraq_id(64888, 64891); script_xref(name:"MDVSA", value:"2014:028"); script_name(english:"Mandriva Linux Security Advisory : mariadb (MDVSA-2014:028)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities has been discovered and corrected in mariadb : Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string (CVE-2014-0001). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB (CVE-2014-0412). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0437). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling (CVE-2013-5908). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication (CVE-2014-0420). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB (CVE-2014-0393). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition (CVE-2013-5891). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0386). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors (CVE-2014-0401). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking (CVE-2014-0402). The updated packages have been upgraded to the 5.5.35 version which is not vulnerable to these issues." ); # http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?17c46362" ); script_set_attribute( attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-5535-release-notes/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mariadb-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mariadb-embedded-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mariadb-embedded18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mariadb18"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-common-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-feedback"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mariadb-obsolete"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mysql-MariaDB"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mariadb-devel-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mariadb-embedded-devel-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mariadb-embedded18-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mariadb18-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-bench-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-client-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-common-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-common-core-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-core-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-extra-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-feedback-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mariadb-obsolete-5.5.35-1.mbs1")) flag++; if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"mysql-MariaDB-5.5.35-1.mbs1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-0186.NASL description Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 72568 published 2014-02-19 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72568 title RHEL 5 : mysql55-mysql (RHSA-2014:0186) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2014:0186. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(72568); script_version("1.13"); script_cvs_date("Date: 2019/10/24 15:35:38"); script_cve_id("CVE-2013-3839", "CVE-2013-5807", "CVE-2013-5891", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0437"); script_bugtraq_id(63105, 63109, 64849, 64877, 64880, 64888, 64891, 64896, 64898, 64904, 64908, 65298); script_xref(name:"RHSA", value:"2014:0186"); script_name(english:"RHEL 5 : mysql55-mysql (RHSA-2014:0186)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically." ); # http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html# script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?34f26d57" ); # http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html# script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?5145c717" ); # http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html script_set_attribute( attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2014:0186" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-3839" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0412" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0437" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-5908" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0393" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0386" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0001" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0401" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0402" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-5807" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2014-0420" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-5891" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-bench"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-server"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql55-mysql-test"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"patch_publication_date", value:"2014/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2014:0186"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mysql55-mysql-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mysql55-mysql-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mysql55-mysql-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mysql55-mysql-bench-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mysql55-mysql-bench-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mysql55-mysql-bench-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"mysql55-mysql-debuginfo-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"mysql55-mysql-devel-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mysql55-mysql-libs-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mysql55-mysql-libs-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mysql55-mysql-libs-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mysql55-mysql-server-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mysql55-mysql-server-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mysql55-mysql-server-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"mysql55-mysql-test-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"mysql55-mysql-test-5.5.36-2.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"mysql55-mysql-test-5.5.36-2.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql55-mysql / mysql55-mysql-bench / mysql55-mysql-debuginfo / etc"); } }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2848.NASL description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.35. Please see the MySQL 5.5 Release Notes and Oracle last seen 2020-03-17 modified 2014-01-24 plugin id 72109 published 2014-01-24 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72109 title Debian DSA-2848-1 : mysql-5.5 - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2848. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(72109); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2013-5891", "CVE-2013-5908", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0437"); script_bugtraq_id(64849, 64877, 64880, 64888, 64891, 64896, 64898, 64904, 64908); script_xref(name:"DSA", value:"2848"); script_name(english:"Debian DSA-2848-1 : mysql-5.5 - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.35. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 34.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 35.html - http://www.oracle.com/technetwork/topics/security/cpujan 2014-1972949.html" ); # http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-34.html script_set_attribute( attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-34.html" ); # http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html script_set_attribute( attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html" ); # https://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?cd084767" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/mysql-5.5" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2014/dsa-2848" ); script_set_attribute( attribute:"solution", value: "Upgrade the mysql-5.5 packages. For the stable distribution (wheezy), these problems have been fixed in version 5.5.35+dfsg-0+wheezy1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mysql-5.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"7.0", prefix:"libmysqlclient-dev", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"libmysqlclient18", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"libmysqld-dev", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"libmysqld-pic", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-client", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-client-5.5", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-common", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-server", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-server-5.5", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-server-core-5.5", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-source-5.5", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (deb_check(release:"7.0", prefix:"mysql-testsuite-5.5", reference:"5.5.35+dfsg-0+wheezy1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201409-04.NASL description The remote host is affected by the vulnerability described in GLSA-201409-04 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly gain escalated privileges. A remote attacker could send a specially crafted SQL query, possibly resulting in a Denial of Service condition. A remote attacker could entice a user to connect to specially crafted MySQL server, possibly resulting in execution of arbitrary code with the privileges of the process. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77548 published 2014-09-05 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/77548 title GLSA-201409-04 : MySQL: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201409-04. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(77548); script_version("1.6"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2013-1861", "CVE-2013-2134", "CVE-2013-3839", "CVE-2013-5767", "CVE-2013-5770", "CVE-2013-5786", "CVE-2013-5793", "CVE-2013-5807", "CVE-2013-5860", "CVE-2013-5881", "CVE-2013-5882", "CVE-2013-5891", "CVE-2013-5894", "CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0384", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0420", "CVE-2014-0427", "CVE-2014-0430", "CVE-2014-0431", "CVE-2014-0433", "CVE-2014-0437", "CVE-2014-2419", "CVE-2014-2430", "CVE-2014-2431", "CVE-2014-2432", "CVE-2014-2434", "CVE-2014-2435", "CVE-2014-2436", "CVE-2014-2438", "CVE-2014-2440"); script_bugtraq_id(58511, 60346, 63105, 63107, 63109, 63113, 63116, 63119, 64849, 64854, 64864, 64868, 64873, 64877, 64880, 64885, 64888, 64891, 64893, 64895, 64896, 64897, 64898, 64904, 64908, 65298, 66835, 66846, 66850, 66853, 66858, 66872, 66875, 66880, 66890, 66896); script_xref(name:"GLSA", value:"201409-04"); script_name(english:"GLSA-201409-04 : MySQL: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201409-04 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly gain escalated privileges. A remote attacker could send a specially crafted SQL query, possibly resulting in a Denial of Service condition. A remote attacker could entice a user to connect to specially crafted MySQL server, possibly resulting in execution of arbitrary code with the privileges of the process. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201409-04" ); script_set_attribute( attribute:"solution", value: "All MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/mysql-5.5.39'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mysql"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/09/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/05"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-db/mysql", unaffected:make_list("ge 5.5.39"), vulnerable:make_list("lt 5.5.39"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MySQL"); }NASL family Databases NASL id MYSQL_5_6_14.NASL description The version of MySQL installed on the remote host is 5.6.x older than 5.6.14. As such, it is reportedly affected by vulnerabilities in the following components : - FTS - InnoDB - Locking - Optimizer - Partition - Performance Schema - Stored Procedure - Thread Pooling last seen 2020-06-01 modified 2020-06-02 plugin id 71975 published 2014-01-15 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/71975 title MySQL 5.6.x < 5.6.14 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(71975); script_version("1.8"); script_cvs_date("Date: 2019/11/26"); script_cve_id( "CVE-2013-5882", "CVE-2013-5891", "CVE-2013-5894", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0402", "CVE-2014-0427", "CVE-2014-0430", "CVE-2014-0433" ); script_bugtraq_id( 64854, 64868, 64873, 64877, 64891, 64893, 64895, 64904, 64908 ); script_name(english:"MySQL 5.6.x < 5.6.14 Multiple Vulnerabilities"); script_summary(english:"Checks version of MySQL server"); script_set_attribute(attribute:"synopsis", value: "The remote database server may be affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of MySQL installed on the remote host is 5.6.x older than 5.6.14. As such, it is reportedly affected by vulnerabilities in the following components : - FTS - InnoDB - Locking - Optimizer - Partition - Performance Schema - Stored Procedure - Thread Pooling"); script_set_attribute(attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-14.html"); # https://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixMSQL script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1ac50e41"); script_set_attribute(attribute:"solution", value: "Upgrade to MySQL 5.6.14 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0393"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/14"); script_set_attribute(attribute:"patch_publication_date", value:"2013/09/20"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/15"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Databases"); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("mysql_version.nasl", "mysql_login.nasl"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Services/mysql", 3306); exit(0); } include("mysql_version.inc"); mysql_check_version(fixed:'5.6.14', min:'5.6', severity:SECURITY_NOTE);NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0189.NASL description The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0189. last seen 2020-06-01 modified 2020-06-02 plugin id 72864 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72864 title CentOS 6 : mariadb55-mariadb (CESA-2014:0189) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-0186.NASL description Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 72592 published 2014-02-20 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72592 title CentOS 5 : mysql55-mysql (CESA-2014:0186) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2086-1.NASL description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-73.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2014-01-22 plugin id 72089 published 2014-01-22 reporter Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72089 title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-2086-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-0186.NASL description From Red Hat Security Advisory 2014:0186 : Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. last seen 2020-06-01 modified 2020-06-02 plugin id 72566 published 2014-02-19 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72566 title Oracle Linux 5 : mysql55-mysql (ELSA-2014-0186)
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.securityfocus.com/bid/64758
- http://osvdb.org/102070
- http://secunia.com/advisories/56580
- http://www.securityfocus.com/bid/64891
- http://ubuntu.com/usn/usn-2086-1
- http://secunia.com/advisories/56491
- http://rhn.redhat.com/errata/RHSA-2014-0189.html
- http://www.debian.org/security/2014/dsa-2848
- http://rhn.redhat.com/errata/RHSA-2014-0186.html
- http://rhn.redhat.com/errata/RHSA-2014-0173.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://security.gentoo.org/glsa/glsa-201409-04.xml