Vulnerabilities > CVE-2016-5584

047910
CVSS 4.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
oracle
mariadb
debian
nessus

Summary

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

Vulnerable Configurations

Part Description Count
Application
Oracle
108
Application
Mariadb
69
OS
Debian
1

Nessus

  • NASL familyDatabases
    NASL idMARIADB_10_0_28.NASL
    descriptionThe version of MariaDB running on the remote host is 10.0.x prior to 10.0.28. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5624) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - An unspecified flaw exists that allows an authenticated, remote attacker to bypass restrictions and create the /var/lib/mysql/my.cnf file with custom contents without the FILE privilege requirement. (CVE-2016-6663) - A flaw exists in wolfSSL, specifically within the C software version of AES Encryption and Decryption, due to table lookups not properly considering cache-bank access times. A local attacker can exploit this, via a specially crafted application, to disclose AES keys. Note that this vulnerability does not affect MariaDB packages included in Red Hat products since they
    last seen2020-06-01
    modified2020-06-02
    plugin id95540
    published2016-12-05
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95540
    titleMariaDB 10.0.x < 10.0.28 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95540);
      script_version("1.7");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id(
        "CVE-2016-3492",
        "CVE-2016-5584",
        "CVE-2016-5616",
        "CVE-2016-5624",
        "CVE-2016-5626",
        "CVE-2016-5629",
        "CVE-2016-6663",
        "CVE-2016-7440",
        "CVE-2016-8283"
      );
      script_bugtraq_id(
        92911,
        93614,
        93635,
        93638,
        93650,
        93659,
        93668,
        93735,
        93737
      );
      script_xref(name:"EDB-ID", value:"40678");
    
      script_name(english:"MariaDB 10.0.x < 10.0.28 Multiple Vulnerabilities");
      script_summary(english:"Checks the MariaDB version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MariaDB running on the remote host is 10.0.x prior to
    10.0.28. It is, therefore, affected by multiple vulnerabilities :
    
      - An unspecified flaw exists in the Optimizer subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-3492)
    
      - An unspecified flaw exists in the Security: Encryption
        subcomponent that allows an authenticated, remote
        attacker to disclose sensitive information.
        (CVE-2016-5584)
    
      - An unspecified flaw exists in the MyISAM subcomponent
        that allows a local attacker to gain elevated
        privileges. (CVE-2016-5616)
    
      - An unspecified flaw exists in the DML subcomponent that
        allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5624)
    
      - An unspecified flaw exists in the GIS subcomponent that
        allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5626)
    
      - An unspecified flaw exists in the Federated subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5629)
    
      - An unspecified flaw exists that allows an authenticated,
        remote attacker to bypass restrictions and create the
        /var/lib/mysql/my.cnf file with custom contents without
        the FILE privilege requirement. (CVE-2016-6663)
    
      - A flaw exists in wolfSSL, specifically within the C
        software version of AES Encryption and Decryption, due
        to table lookups not properly considering cache-bank
        access times. A local attacker can exploit this, via a
        specially crafted application, to disclose AES keys.
        Note that this vulnerability does not affect MariaDB
        packages included in Red Hat products since they're
        built against system OpenSSL packages. (CVE-2016-7440)
    
      - An unspecified flaw exists in the Types subcomponent
        that allows an authenticated, remote attacker to cause
        a denial of service condition. (CVE-2016-8283)
    
      - A flaw exists in the fix_after_pullout() function in
        item.cc that is triggered when handling a prepared
        statement with a conversion to semi-join. An
        authenticated, remote attacker can exploit this to crash
        the database, resulting in a denial of service
        condition.
    
      - A flaw exists in the mysql_admin_table() function in
        sql_admin.cc that is triggered when handling
        re-execution of certain ANALYZE TABLE prepared
        statements. An authenticated, remote attacker can
        exploit this to crash the database, resulting in a
        denial of service condition.
    
      - A flaw exists in the fill_alter_inplace_info() function
        in sql_table.cc that is triggered when altering 
        persistent virtual columns. An authenticated, remote
        attacker can exploit this to crash the database,
        resulting in a denial of service condition.
    
      - A flaw exists in the mysql_rm_table_no_locks() function
        in sql_table.cc that is triggered during the handling of
        CREATE OR REPLACE TABLE queries. An authenticated,
        remote attacker can exploit this to crash the database,
        resulting in a denial of service condition.");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10028-changelog/");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MariaDB version 10.0.28 or later.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-6663");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/05");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'MariaDB', fixed:'10.0.28-MariaDB', min:'10.0', severity:SECURITY_WARNING);
    
  • NASL familyDatabases
    NASL idMARIADB_10_1_19.NASL
    descriptionThe version of MariaDB running on the remote host is 10.1.x prior to 10.1.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - A flaw exists in wolfSSL, specifically within the C software version of AES Encryption and Decryption, due to table lookups not properly considering cache-bank access times. A local attacker can exploit this, via a specially crafted application, to disclose AES keys. Note that this vulnerability does not affect MariaDB packages included in Red Hat products since they
    last seen2020-06-01
    modified2020-06-02
    plugin id95541
    published2016-12-05
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95541
    titleMariaDB 10.1.x < 10.1.19 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95541);
      script_version("1.7");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id("CVE-2016-5584", "CVE-2016-7440");
      script_bugtraq_id(93659, 93735);
    
      script_name(english:"MariaDB 10.1.x < 10.1.19 Multiple Vulnerabilities");
      script_summary(english:"Checks the MariaDB version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MariaDB running on the remote host is 10.1.x prior to
    10.1.19. It is, therefore, affected by multiple vulnerabilities :
    
      - An unspecified flaw exists in the Security: Encryption
        subcomponent that allows an authenticated, remote
        attacker to disclose sensitive information.
        (CVE-2016-5584)
    
      - A flaw exists in wolfSSL, specifically within the C
        software version of AES Encryption and Decryption, due
        to table lookups not properly considering cache-bank
        access times. A local attacker can exploit this, via a
        specially crafted application, to disclose AES keys.
        Note that this vulnerability does not affect MariaDB
        packages included in Red Hat products since they're
        built against system OpenSSL packages. (CVE-2016-7440)
    
      - A flaw exists in the fill_alter_inplace_info() function
        in sql_table.cc that is triggered when altering 
        persistent virtual columns. An authenticated, remote
        attacker can exploit this to crash the database,
        resulting in a denial of service condition.
    
      - A flaw exists in the mysql_rm_table_no_locks() function
        in sql_table.cc that is triggered during the handling of
        CREATE OR REPLACE TABLE queries. An authenticated,
        remote attacker can exploit this to crash the database,
        resulting in a denial of service condition.
    
      - A flaw exists in the buf_page_is_checksum_valid*
        functions in buf0buf.cc that is triggered during the
        handling of encrypted information. An authenticated,
        remote attacker can exploit this to crash the database,
        resulting in a denial of service condition.
    
      - A flaw exists in the wsrep_replicate_myisam
        functionality that is triggered when dropping MyISAM
        tables. An authenticated, remote attacker can exploit
        this to crash the database, resulting in a denial of
        service condition.");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10119-changelog/");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10119-release-notes/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MariaDB version 10.1.19 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5584");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/05");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'MariaDB', fixed:'10.1.19-MariaDB', min:'10.1', severity:SECURITY_NOTE);
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3109-1.NASL
    descriptionMultiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.53 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.16. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-16.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722 .html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94287
    published2016-10-26
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94287
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3109-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3109-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94287);
      script_version("1.8");
      script_cvs_date("Date: 2019/09/18 12:31:46");
    
      script_cve_id("CVE-2016-5584", "CVE-2016-7440");
      script_xref(name:"USN", value:"3109-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3109-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were discovered in MySQL and this update
    includes new upstream MySQL versions to fix these issues.
    
    MySQL has been updated to 5.5.53 in Ubuntu 12.04 LTS and Ubuntu 14.04
    LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL
    5.7.16.
    
    In addition to security fixes, the updated packages contain bug fixes,
    new features, and possibly incompatible changes.
    
    Please see the following for more information:
    http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html
    http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-16.html
    http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722
    .html.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3109-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected mysql-server-5.5 and / or mysql-server-5.7
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|16\.04|16\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 16.04 / 16.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"mysql-server-5.5", pkgver:"5.5.53-0ubuntu0.12.04.1")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"mysql-server-5.5", pkgver:"5.5.53-0ubuntu0.14.04.1")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"mysql-server-5.7", pkgver:"5.7.16-0ubuntu0.16.04.1")) flag++;
    if (ubuntu_check(osver:"16.10", pkgname:"mysql-server-5.7", pkgver:"5.7.16-0ubuntu0.16.10.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_NOTE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql-server-5.5 / mysql-server-5.7");
    }
    
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_9BC14850A07011E6A881B499BAEBFEAF.NASL
    descriptionThe MariaDB project reports : Fixes for the following security vulnerabilities : - CVE-2016-7440 - CVE-2016-5584
    last seen2020-06-01
    modified2020-06-02
    plugin id94458
    published2016-11-02
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94458
    titleFreeBSD : MySQL -- multiple vulnerabilities (9bc14850-a070-11e6-a881-b499baebfeaf)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from the FreeBSD VuXML database :
    #
    # Copyright 2003-2018 Jacques Vidrine and contributors
    #
    # Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
    # HTML, PDF, PostScript, RTF and so forth) with or without modification,
    # are permitted provided that the following conditions are met:
    # 1. Redistributions of source code (VuXML) must retain the above
    #    copyright notice, this list of conditions and the following
    #    disclaimer as the first lines of this file unmodified.
    # 2. Redistributions in compiled form (transformed to other DTDs,
    #    published online in any format, converted to PDF, PostScript,
    #    RTF and other formats) must reproduce the above copyright
    #    notice, this list of conditions and the following disclaimer
    #    in the documentation and/or other materials provided with the
    #    distribution.
    # 
    # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
    # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
    # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
    # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
    # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
    # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
    # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
    # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
    # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94458);
      script_version("2.4");
      script_cvs_date("Date: 2018/11/21 10:46:31");
    
      script_cve_id("CVE-2016-5584", "CVE-2016-7440");
    
      script_name(english:"FreeBSD : MySQL -- multiple vulnerabilities (9bc14850-a070-11e6-a881-b499baebfeaf)");
      script_summary(english:"Checks for updated packages in pkg_info output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote FreeBSD host is missing one or more security-related
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The MariaDB project reports :
    
    Fixes for the following security vulnerabilities :
    
    - CVE-2016-7440
    
    - CVE-2016-5584"
      );
      # https://mariadb.com/kb/en/mariadb/mariadb-5553-release-notes/
      script_set_attribute(
        attribute:"see_also",
        value:"https://mariadb.com/kb/en/library/mariadb-5553-release-notes/"
      );
      # https://vuxml.freebsd.org/freebsd/9bc14850-a070-11e6-a881-b499baebfeaf.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f7995e5a"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mariadb55-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mysql55-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mysql56-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mysql57-server");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/01");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"FreeBSD Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("freebsd_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
    if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (pkg_test(save_report:TRUE, pkg:"mariadb55-server<5.5.53")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"mysql55-server<5.5.53")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"mysql56-server<5.6.34")) flag++;
    if (pkg_test(save_report:TRUE, pkg:"mysql57-server<5.7.15")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());
      else security_note(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1289.NASL
    descriptionmysql-community-server was updated to 5.6.34 to fix the following issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 34.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 33.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 32.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 31.html - fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584, CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492, CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609, CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284, CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614, CVE-2016-3459, CVE-2016-5439, CVE-2016-5440 - fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581], [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566], [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582], [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570], [boo#1005583], [boo#1005586], [boo#989913], [boo#977614], [boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921], [boo#989911], [boo#989925], [boo#989926] - append
    last seen2020-06-05
    modified2016-11-14
    plugin id94756
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94756
    titleopenSUSE Security Update : mysql-community-server (openSUSE-2016-1289)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-1289.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94756);
      script_version("2.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-2105", "CVE-2016-3459", "CVE-2016-3477", "CVE-2016-3486", "CVE-2016-3492", "CVE-2016-3501", "CVE-2016-3521", "CVE-2016-3614", "CVE-2016-3615", "CVE-2016-5439", "CVE-2016-5440", "CVE-2016-5507", "CVE-2016-5584", "CVE-2016-5609", "CVE-2016-5612", "CVE-2016-5616", "CVE-2016-5617", "CVE-2016-5626", "CVE-2016-5627", "CVE-2016-5629", "CVE-2016-5630", "CVE-2016-6304", "CVE-2016-6662", "CVE-2016-7440", "CVE-2016-8283", "CVE-2016-8284", "CVE-2016-8288");
    
      script_name(english:"openSUSE Security Update : mysql-community-server (openSUSE-2016-1289)");
      script_summary(english:"Check for the openSUSE-2016-1289 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "mysql-community-server was updated to 5.6.34 to fix the following
    issues :
    
      - Changes
        http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-
        34.html
        http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-
        33.html
        http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-
        32.html
        http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-
        31.html
    
      - fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440,
        CVE-2016-5584, CVE-2016-5617, CVE-2016-5616,
        CVE-2016-5626, CVE-2016-3492, CVE-2016-5629,
        CVE-2016-5507, CVE-2016-8283, CVE-2016-5609,
        CVE-2016-5612, CVE-2016-5627, CVE-2016-5630,
        CVE-2016-8284, CVE-2016-8288, CVE-2016-3477,
        CVE-2016-2105, CVE-2016-3486, CVE-2016-3501,
        CVE-2016-3521, CVE-2016-3615, CVE-2016-3614,
        CVE-2016-3459, CVE-2016-5439, CVE-2016-5440
    
      - fixes SUSE Bugs: [boo#999666], [boo#998309],
        [boo#1005581], [boo#1005558], [boo#1005563],
        [boo#1005562], [boo#1005566], [boo#1005555],
        [boo#1005569], [boo#1005557], [boo#1005582],
        [boo#1005560], [boo#1005561], [boo#1005567],
        [boo#1005570], [boo#1005583], [boo#1005586],
        [boo#989913], [boo#977614], [boo#989914], [boo#989915],
        [boo#989919], [boo#989922], [boo#989921], [boo#989911],
        [boo#989925], [boo#989926]
    
      - append '--ignore-db-dir=lost+found' to the mysqld
        options in 'mysql-systemd-helper' script if 'lost+found'
        directory is found in $datadir [boo#986251] 
    
      - remove syslog.target from *.service files [boo#983938]
    
      - add systemd to deps to build on leap and friends 
    
      - replace '%(_libexecdir)/systemd/system' with %(_unitdir)
        macro
    
      - remove useless [email protected] [boo#971456]
    
      - replace all occurrences of the string '@sysconfdir@'
        with '/etc' in
        mysql-community-server-5.6.3-logrotate.patch as it
        wasn't expanded properly [boo#990890]
    
      - remove '%define _rundir' as 13.1 is out of support scope
    
      - run 'usermod -g mysql mysql' only if mysql user is not
        in mysql group. Run 'usermod -s /bin/false/ mysql' only
        if mysql user doesn't have '/bin/false' shell set.
    
      - re-enable mysql profiling"
      );
      # http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-31.html"
      );
      # http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-32.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-32.html"
      );
      # http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html"
      );
      # http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html
      script_set_attribute(
        attribute:"see_also",
        value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005555"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005557"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005558"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005560"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005561"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005562"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005563"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005566"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005567"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005569"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005570"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005581"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005582"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005583"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1005586"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971456"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977614"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=983938"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=986251"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989911"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989913"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989914"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989915"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989919"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989921"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989922"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989925"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=989926"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=990890"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=998309"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=999666"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected mysql-community-server packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client18-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client_r18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-bench");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-errormessages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-test");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/05/05");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE42\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE42.2", reference:"libmysql56client18-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libmysql56client18-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"libmysql56client_r18-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-bench-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-bench-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-client-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-client-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-debugsource-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-errormessages-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-test-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-test-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-tools-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", reference:"mysql-community-server-tools-debuginfo-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libmysql56client18-32bit-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libmysql56client18-debuginfo-32bit-5.6.34-19.2") ) flag++;
    if ( rpm_check(release:"SUSE42.2", cpu:"x86_64", reference:"libmysql56client_r18-32bit-5.6.34-19.2") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysql56client18-32bit / libmysql56client18 / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2932-1.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318): Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-01
    modified2020-06-02
    plugin id95383
    published2016-11-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95383
    titleSUSE SLES12 Security Update : mariadb (SUSE-SU-2016:2932-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2016:2932-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95383);
      script_version("3.6");
      script_cvs_date("Date: 2019/09/11 11:22:14");
    
      script_cve_id("CVE-2016-3492", "CVE-2016-5584", "CVE-2016-5616", "CVE-2016-5624", "CVE-2016-5626", "CVE-2016-5629", "CVE-2016-6663", "CVE-2016-7440", "CVE-2016-8283");
    
      script_name(english:"SUSE SLES12 Security Update : mariadb (SUSE-SU-2016:2932-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This mariadb update to version 10.0.28 fixes the following issues
    (bsc#1008318): Security fixes :
    
      - CVE-2016-8283: Unspecified vulnerability in subcomponent
        Types (bsc#1005582)
    
      - CVE-2016-7440: Unspecified vulnerability in subcomponent
        Encryption (bsc#1005581)
    
      - CVE-2016-5629: Unspecified vulnerability in subcomponent
        Federated (bsc#1005569)
    
      - CVE-2016-5626: Unspecified vulnerability in subcomponent
        GIS (bsc#1005566)
    
      - CVE-2016-5624: Unspecified vulnerability in subcomponent
        DML (bsc#1005564)
    
      - CVE-2016-5616: Unspecified vulnerability in subcomponent
        MyISAM (bsc#1005562)
    
      - CVE-2016-5584: Unspecified vulnerability in subcomponent
        Encryption (bsc#1005558)
    
      - CVE-2016-3492: Unspecified vulnerability in subcomponent
        Optimizer (bsc#1005555)
    
      - CVE-2016-6663: Privilege Escalation / Race Condition
        (bsc#1001367) Bugfixes :
    
      - mysql_install_db can't find data files (bsc#1006539)
    
      - mariadb failing test sys_vars.optimizer_switch_basic
        (bsc#1003800)
    
      - Notable changes :
    
      - XtraDB updated to 5.6.33-79.0
    
      - TokuDB updated to 5.6.33-79.0
    
      - Innodb updated to 5.6.33
    
      - Performance Schema updated to 5.6.33
    
      - Release notes and upstream changelog :
    
      - https://kb.askmonty.org/en/mariadb-10028-release-notes
    
      - https://kb.askmonty.org/en/mariadb-10028-changelog
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1001367"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1003800"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005555"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005558"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005562"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005564"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005566"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005569"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005581"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1005582"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1006539"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1008318"
      );
      # https://kb.askmonty.org/en/mariadb-10028-changelog
      script_set_attribute(
        attribute:"see_also",
        value:"https://mariadb.com/kb/en/library/mariadb-10028-changelog/"
      );
      # https://kb.askmonty.org/en/mariadb-10028-release-notes
      script_set_attribute(
        attribute:"see_also",
        value:"https://mariadb.com/kb/en/library/mariadb-10028-release-notes/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-3492/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5584/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5616/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5624/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5626/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-5629/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-6663/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-7440/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2016-8283/"
      );
      # https://www.suse.com/support/update/announcement/2016/suse-su-20162932-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?44e8bca1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
    SUSE-SLE-SAP-12-2016-1718=1
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2016-1718=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient_r18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-errormessages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/11/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/29");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient-devel-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient_r18-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld-devel-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-debuginfo-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-debuginfo-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debuginfo-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debugsource-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-errormessages-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-debuginfo-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-32bit-10.0.28-20.16.2")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-32bit-10.0.28-20.16.2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2016-305-03.NASL
    descriptionNew mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94440
    published2016-11-01
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94440
    titleSlackware 14.1 / 14.2 / current : mariadb (SSA:2016-305-03)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-01 (MariaDB and MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers referenced below for details. Impact : Attackers could execute arbitrary code, escalate privileges, and impact availability via unspecified vectors. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96232
    published2017-01-03
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96232
    titleGLSA-201701-01 : MariaDB and MySQL: Multiple vulnerabilities
  • NASL familyDatabases
    NASL idMYSQL_5_5_53.NASL
    descriptionThe version of MySQL running on the remote host is 5.5.x prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-01
    modified2020-06-02
    plugin id94165
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94165
    titleMySQL 5.5.x < 5.5.53 Multiple Vulnerabilities (October 2016 CPU)
  • NASL familyDatabases
    NASL idMYSQL_5_7_16_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.16. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-04
    modified2016-10-21
    plugin id94198
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94198
    titleMySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3711.NASL
    descriptionSeveral issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28. Please see the MariaDB 10.0 Release Notes for further details : - https://mariadb.com/kb/en/mariadb/mariadb-10028-release- notes/
    last seen2020-06-01
    modified2020-06-02
    plugin id94743
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94743
    titleDebian DSA-3711-1 : mariadb-10.0 - security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-708.NASL
    descriptionSeveral issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.53, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle
    last seen2020-03-17
    modified2016-11-16
    plugin id94916
    published2016-11-16
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94916
    titleDebian DLA-708-1 : mysql-5.5 security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3706.NASL
    descriptionSeveral issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.53, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle
    last seen2020-06-01
    modified2020-06-02
    plugin id94589
    published2016-11-07
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94589
    titleDebian DSA-3706-1 : mysql-5.5 - security update
  • NASL familyDatabases
    NASL idMYSQL_5_5_53_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.5.x prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-04
    modified2016-10-21
    plugin id94196
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94196
    titleMySQL 5.5.x < 5.5.53 Multiple Vulnerabilities (October 2016 CPU)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2933-1.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318): Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-01
    modified2020-06-02
    plugin id95384
    published2016-11-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95384
    titleSUSE SLED12 / SLES12 Security Update : Recommended update for mariadb (SUSE-SU-2016:2933-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2780-1.NASL
    descriptionThis mysql version update to 5.5.53 fixes the following issues : - CVE-2016-6662: Unspecified vulnerability in subcomponent Logging (bsc#1005580) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) Release Notes: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 53.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94757
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94757
    titleSUSE SLES11 Security Update : mysql (SUSE-SU-2016:2780-1)
  • NASL familyDatabases
    NASL idMYSQL_5_6_34_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.34. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-04
    modified2016-10-21
    plugin id94197
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94197
    titleMySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)
  • NASL familyDatabases
    NASL idMYSQL_5_7_16.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.16. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-01
    modified2020-06-02
    plugin id94167
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94167
    titleMySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1417.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318) : Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-05
    modified2016-12-07
    plugin id95597
    published2016-12-07
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95597
    titleopenSUSE Security Update : mariadb (openSUSE-2016-1417)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1283.NASL
    descriptionmysql-community-server was updated to 5.6.34 to fix the following issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 34.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 33.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 32.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 31.html - fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584, CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492, CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609, CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284, CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614, CVE-2016-3459, CVE-2016-5439, CVE-2016-5440 - fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581], [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566], [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582], [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570], [boo#1005583], [boo#1005586], [boo#989913], [boo#977614], [boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921], [boo#989911], [boo#989925], [boo#989926] - append
    last seen2020-06-05
    modified2016-11-11
    plugin id94694
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94694
    titleopenSUSE Security Update : mysql-community-server (openSUSE-2016-1283)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1416.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318) : Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mariadb failing test sys_vars.optimizer_switch_basic (bsc#1003800) - Remove useless [email protected] (bsc#1004477) - Replace all occurrences of the string
    last seen2020-06-05
    modified2016-12-07
    plugin id95596
    published2016-12-07
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95596
    titleopenSUSE Security Update : mariadb (openSUSE-2016-1416)
  • NASL familyDatabases
    NASL idMYSQL_5_6_34.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.34. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-01
    modified2020-06-02
    plugin id94166
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94166
    titleMySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)