Vulnerabilities > CVE-2016-5541 - Unspecified vulnerability in Oracle Mysql Cluster

047910
CVSS 4.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
LOW
network
high complexity
oracle
nessus

Summary

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS v3.0 Base Score 4.8 (Integrity and Availability impacts).

Vulnerable Configurations

Part Description Count
Application
Oracle
57

Nessus

  • NASL familyDatabases
    NASL idMYSQL_CLUSTER_7_2_27.NASL
    descriptionThe version of MySQL Cluster running on the remote host is 7.2.x prior to 7.2.27. It is, therefore, affected by an overflow condition in the NDBAPI subcomponent that allows an unauthenticated, remote attacker to update, insert, or delete arbitrary data.
    last seen2020-06-01
    modified2020-06-02
    plugin id96725
    published2017-01-24
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96725
    titleMySQL Cluster 7.2.x < 7.2.27 NDBAPI Subcomponent Buffer Overflow (January 2017 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(96725);
      script_version("1.6");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id("CVE-2016-5541");
      script_bugtraq_id(95592);
    
      script_name(english:"MySQL Cluster 7.2.x < 7.2.27 NDBAPI Subcomponent Buffer Overflow (January 2017 CPU)");
      script_summary(english:"Checks the MySQL Cluster version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by a buffer overflow
    vulnerability.");
      script_set_attribute(attribute:"description", value:
    "The version of MySQL Cluster running on the remote host is 7.2.x prior
    to 7.2.27. It is, therefore, affected by an overflow condition in the
    NDBAPI subcomponent that allows an unauthenticated, remote attacker to
    update, insert, or delete arbitrary data.");
      # https://dev.mysql.com/doc/relnotes/mysql-cluster/7.2/en/mysql-cluster-news-7-2-27.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2c948f94");
      # http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a1c38e52");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MySQL Cluster version 7.2.27 or later as referenced in the
    January 2017 Oracle Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5541");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/01/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/24");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql_cluster");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'Cluster', fixed:'7.2.27', min:'7.2', severity:SECURITY_WARNING);
    
  • NASL familyDatabases
    NASL idMYSQL_CLUSTER_7_3_15.NASL
    descriptionThe version of MySQL Cluster running on the remote host is 7.3.x prior to 7.3.15. It is, therefore, affected by multiple vulnerabilities : - An overflow condition exists in the NDBAPI subcomponent that allows an unauthenticated, remote attacker to update, insert, or delete arbitrary data. (CVE-2016-5541) - An overflow condition exists in the NDBAPI subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3322) - An unspecified flaw exists in the General subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3323)
    last seen2020-06-01
    modified2020-06-02
    plugin id96726
    published2017-01-24
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96726
    titleMySQL Cluster 7.3.x < 7.3.15 Multiple Vulnerabilities (January 2017 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(96726);
      script_version("1.6");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id("CVE-2016-5541", "CVE-2017-3322", "CVE-2017-3323");
      script_bugtraq_id(95574, 95575, 95592);
    
      script_name(english:"MySQL Cluster 7.3.x < 7.3.15 Multiple Vulnerabilities (January 2017 CPU)");
      script_summary(english:"Checks the MySQL Cluster version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MySQL Cluster running on the remote host is 7.3.x prior
    to 7.3.15. It is, therefore, affected by multiple vulnerabilities :
    
      - An overflow condition exists in the NDBAPI subcomponent
        that allows an unauthenticated, remote attacker to
        update, insert, or delete arbitrary data.
        (CVE-2016-5541)
    
      - An overflow condition exists in the NDBAPI subcomponent
        that allows an unauthenticated, remote attacker to cause
        a denial of service condition. (CVE-2017-3322)
    
      - An unspecified flaw exists in the General subcomponent
        that allows an unauthenticated, remote attacker to cause
        a denial of service condition. (CVE-2017-3323)");
      # https://dev.mysql.com/doc/relnotes/mysql-cluster/7.3/en/mysql-cluster-news-7-3-15.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?27ecedfe");
      # http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a1c38e52");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MySQL Cluster version 7.3.15 or later as referenced in the
    January 2017 Oracle Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5541");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/24");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql_cluster");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'Cluster', fixed:'7.3.15', min:'7.3', severity:SECURITY_WARNING);
    
  • NASL familyDatabases
    NASL idMYSQL_CLUSTER_7_4_13.NASL
    descriptionThe version of MySQL Cluster running on the remote host is 7.4.x prior to 7.4.13. It is, therefore, affected by multiple vulnerabilities : - An overflow condition exists in the NDBAPI subcomponent that allows an unauthenticated, remote attacker to update, insert, or delete arbitrary data. (CVE-2016-5541) - An overflow condition exists in the NDBAPI subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3322) - An unspecified flaw exists in the General subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3323)
    last seen2020-06-01
    modified2020-06-02
    plugin id96728
    published2017-01-24
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96728
    titleMySQL Cluster 7.4.x < 7.4.13 Multiple Vulnerabilities (January 2017 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(96728);
      script_version("1.6");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id("CVE-2016-5541", "CVE-2017-3322", "CVE-2017-3323");
      script_bugtraq_id(95574, 95575, 95592);
    
      script_name(english:"MySQL Cluster 7.4.x < 7.4.13 Multiple Vulnerabilities (January 2017 CPU)");
      script_summary(english:"Checks the MySQL Cluster version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MySQL Cluster running on the remote host is 7.4.x prior
    to 7.4.13. It is, therefore, affected by multiple vulnerabilities :
    
      - An overflow condition exists in the NDBAPI subcomponent
        that allows an unauthenticated, remote attacker to
        update, insert, or delete arbitrary data.
        (CVE-2016-5541)
    
      - An overflow condition exists in the NDBAPI subcomponent
        that allows an unauthenticated, remote attacker to cause
        a denial of service condition. (CVE-2017-3322)
    
      - An unspecified flaw exists in the General subcomponent
        that allows an unauthenticated, remote attacker to cause
        a denial of service condition. (CVE-2017-3323)");
      # https://dev.mysql.com/doc/relnotes/mysql-cluster/7.4/en/mysql-cluster-news-7-4-13.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b0fbd72e");
      # http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a1c38e52");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MySQL Cluster version 7.4.13 or later as referenced in the
    January 2017 Oracle Critical Patch Update advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5541");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/01/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/24");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql_cluster");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'Cluster', fixed:'7.4.13', min:'7.4', severity:SECURITY_WARNING);