Vulnerabilities > CVE-2016-5626

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
oracle
mariadb
redhat
nessus

Summary

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Vulnerable Configurations

Part Description Count
Application
Oracle
105
Application
Mariadb
68
OS
Redhat
13

Nessus

  • NASL familyDatabases
    NASL idMYSQL_5_7_15_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.15. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492, CVE-2016-5632) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5507) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5625) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-04
    modified2016-09-08
    plugin id93380
    published2016-09-08
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93380
    titleMySQL 5.7.x < 5.7.15 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93380);
      script_version("1.12");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/03");
    
      script_cve_id(
        "CVE-2016-3492",
        "CVE-2016-5507",
        "CVE-2016-5616",
        "CVE-2016-5617",
        "CVE-2016-5625",
        "CVE-2016-5626",
        "CVE-2016-5629",
        "CVE-2016-5632",
        "CVE-2016-6662",
        "CVE-2016-6663",
        "CVE-2016-8283",
        "CVE-2016-8286"
      );
      script_bugtraq_id(
        92911,
        92912,
        93612,
        93614,
        93617,
        93638,
        93650,
        93668,
        93678,
        93693,
        93737,
        93745
      );
      script_xref(name:"EDB-ID", value:"40360");
    
      script_name(english:"MySQL 5.7.x < 5.7.15 Multiple Vulnerabilities");
      script_summary(english:"Checks the version of MySQL server.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MySQL running on the remote host is 5.7.x prior to
    5.7.15. It is, therefore, affected by multiple vulnerabilities :
    
      - Multiple unspecified flaws exist in the Optimizer
        subcomponent that allow an authenticated, remote
        attacker to cause a denial of service condition.
        (CVE-2016-3492, CVE-2016-5632)
    
      - An unspecified flaw exists in the InnoDB subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5507)
    
      - An unspecified flaw exists in the MyISAM subcomponent
        that allows a local attacker to gain elevated
        privileges. (CVE-2016-5616)
    
      - An unspecified flaw exists in the Error Handling
        subcomponent that allows a local attacker to gain
        elevated privileges. (CVE-2016-5617)
    
      - An unspecified flaw exists in the Packaging subcomponent
        that allows a local attacker to gain elevated
        privileges. (CVE-2016-5625)
    
      - An unspecified flaw exists in the GIS subcomponent that
        allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5626)
    
      - An unspecified flaw exists in the Federated subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5629)
    
      - A flaw exists in the check_log_path() function within
        file sql/sys_vars.cc due to inadequate restrictions on
        the ability to write to the my.cnf configuration file
        and allowing the loading of configuration files from
        path locations not used by current versions. An
        authenticated, remote attacker can exploit this issue
        by using specially crafted queries that utilize logging
        functionality to create new files or append custom
        content to existing files. This allows the attacker to
        gain root privileges by inserting a custom .cnf file
        with a 'malloc_lib=' directive pointing to specially
        crafted mysql_hookandroot_lib.so file and thereby cause
        MySQL to load a malicious library the next time it is
        started. (CVE-2016-6662)
    
      - An unspecified flaw exists that allows an authenticated,
        remote attacker to bypass restrictions and create the
        /var/lib/mysql/my.cnf file with custom contents without
        the FILE privilege requirement. (CVE-2016-6663)
        
      - An unspecified flaw exists in the Types subcomponent
        that allows an authenticated, remote attacker to cause
        a denial of service condition.(CVE-2016-8283)
    
      - An unspecified flaw exists in the Security: Privileges
        subcomponent that allows an authenticated, remote
        attacker to disclose sensitive information.
        (CVE-2016-8286)
    
      - A flaw exists that is related to the use of temporary
        files by REPAIR TABLE. An authenticated, remote attacker
        can exploit this to gain elevated privileges.
    
      - A flaw exists in InnoDB when handling an operation that
        dropped and created a full-text search table. An
        authenticated, remote attacker can exploit this to
        trigger an assertion, resulting in a denial of service
        condition.
    
      - A flaw exists in InnoDB when accessing full-text
        auxiliary tables while dropping the indexed table. An
        authenticated, remote attacker can exploit this to
        trigger an assertion, resulting in a denial of service
        condition.
    
      - A buffer overflow condition exists when handling long
        integer values in MEDIUMINT columns due to the improper
        validation of certain input. An authenticated, remote
        attacker can exploit this to cause a denial of service
        condition or the execution of arbitrary code.
    
      - An information disclosure vulnerability exists in the
        validate_password plugin due to passwords that have been
        rejected being written as plaintext to the error log. A
        local attacker can exploit this to more easily guess
        what passwords might have been chosen and accepted.
    
      - A flaw exists in InnoDB when handling an ALTER TABLE ...
        ENCRYPTION='Y', ALGORITHM=COPY operation that is applied
        to a table in the system tablespace. An authenticated,
        remote attacker can exploit this to trigger an
        assertion, resulting in a denial of service condition.
    
    Note that Nessus has not tested for these issues but has instead
    relied only on the application's self-reported version number.");
      # http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bac902d5");
      script_set_attribute(attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html");
      # http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fbd97f45");
      # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3235388.xml
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?453a538d");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MySQL version 5.7.15 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-6662");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"in_the_news", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/09/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/08");
    
      script_set_attribute(attribute:"agent", value:"unix");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled");
      script_require_ports("Host/RedHat/release", "Host/AmazonLinux/release", "Host/SuSE/release", "Host/CentOS/release");
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    fix_version = "5.7.15";
    exists_version = "5.7";
    
    mysql_check_rpms(mysql_packages:default_mysql_rpm_list_server_only, fix_ver:fix_version, exists_ver:exists_version, rhel_os_list:default_mysql_rhel_os_list, centos_os_list:default_mysql_centos_os_list, suse_os_list:default_mysql_suse_os_list, ala_os_list:default_mysql_ala_os_list, severity:SECURITY_HOLE);
    
  • NASL familyDatabases
    NASL idMARIADB_10_0_28.NASL
    descriptionThe version of MariaDB running on the remote host is 10.0.x prior to 10.0.28. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5624) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - An unspecified flaw exists that allows an authenticated, remote attacker to bypass restrictions and create the /var/lib/mysql/my.cnf file with custom contents without the FILE privilege requirement. (CVE-2016-6663) - A flaw exists in wolfSSL, specifically within the C software version of AES Encryption and Decryption, due to table lookups not properly considering cache-bank access times. A local attacker can exploit this, via a specially crafted application, to disclose AES keys. Note that this vulnerability does not affect MariaDB packages included in Red Hat products since they
    last seen2020-06-01
    modified2020-06-02
    plugin id95540
    published2016-12-05
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95540
    titleMariaDB 10.0.x < 10.0.28 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(95540);
      script_version("1.7");
      script_cvs_date("Date: 2019/11/13");
    
      script_cve_id(
        "CVE-2016-3492",
        "CVE-2016-5584",
        "CVE-2016-5616",
        "CVE-2016-5624",
        "CVE-2016-5626",
        "CVE-2016-5629",
        "CVE-2016-6663",
        "CVE-2016-7440",
        "CVE-2016-8283"
      );
      script_bugtraq_id(
        92911,
        93614,
        93635,
        93638,
        93650,
        93659,
        93668,
        93735,
        93737
      );
      script_xref(name:"EDB-ID", value:"40678");
    
      script_name(english:"MariaDB 10.0.x < 10.0.28 Multiple Vulnerabilities");
      script_summary(english:"Checks the MariaDB version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MariaDB running on the remote host is 10.0.x prior to
    10.0.28. It is, therefore, affected by multiple vulnerabilities :
    
      - An unspecified flaw exists in the Optimizer subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-3492)
    
      - An unspecified flaw exists in the Security: Encryption
        subcomponent that allows an authenticated, remote
        attacker to disclose sensitive information.
        (CVE-2016-5584)
    
      - An unspecified flaw exists in the MyISAM subcomponent
        that allows a local attacker to gain elevated
        privileges. (CVE-2016-5616)
    
      - An unspecified flaw exists in the DML subcomponent that
        allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5624)
    
      - An unspecified flaw exists in the GIS subcomponent that
        allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5626)
    
      - An unspecified flaw exists in the Federated subcomponent
        that allows an authenticated, remote attacker to cause a
        denial of service condition. (CVE-2016-5629)
    
      - An unspecified flaw exists that allows an authenticated,
        remote attacker to bypass restrictions and create the
        /var/lib/mysql/my.cnf file with custom contents without
        the FILE privilege requirement. (CVE-2016-6663)
    
      - A flaw exists in wolfSSL, specifically within the C
        software version of AES Encryption and Decryption, due
        to table lookups not properly considering cache-bank
        access times. A local attacker can exploit this, via a
        specially crafted application, to disclose AES keys.
        Note that this vulnerability does not affect MariaDB
        packages included in Red Hat products since they're
        built against system OpenSSL packages. (CVE-2016-7440)
    
      - An unspecified flaw exists in the Types subcomponent
        that allows an authenticated, remote attacker to cause
        a denial of service condition. (CVE-2016-8283)
    
      - A flaw exists in the fix_after_pullout() function in
        item.cc that is triggered when handling a prepared
        statement with a conversion to semi-join. An
        authenticated, remote attacker can exploit this to crash
        the database, resulting in a denial of service
        condition.
    
      - A flaw exists in the mysql_admin_table() function in
        sql_admin.cc that is triggered when handling
        re-execution of certain ANALYZE TABLE prepared
        statements. An authenticated, remote attacker can
        exploit this to crash the database, resulting in a
        denial of service condition.
    
      - A flaw exists in the fill_alter_inplace_info() function
        in sql_table.cc that is triggered when altering 
        persistent virtual columns. An authenticated, remote
        attacker can exploit this to crash the database,
        resulting in a denial of service condition.
    
      - A flaw exists in the mysql_rm_table_no_locks() function
        in sql_table.cc that is triggered during the handling of
        CREATE OR REPLACE TABLE queries. An authenticated,
        remote attacker can exploit this to crash the database,
        resulting in a denial of service condition.");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10028-changelog/");
      script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MariaDB version 10.0.28 or later.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-6663");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/23");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/05");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("mysql_version.nasl", "mysql_login.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/mysql", 3306);
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    mysql_check_version(variant:'MariaDB', fixed:'10.0.28-MariaDB', min:'10.0', severity:SECURITY_WARNING);
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2595.NASL
    descriptionAn update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb (5.5.52). (BZ#1304516, BZ#1377974) Security Fix(es) : * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662) * A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-8283) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id95341
    published2016-11-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95341
    titleCentOS 7 : mariadb (CESA-2016:2595)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1289.NASL
    descriptionmysql-community-server was updated to 5.6.34 to fix the following issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 34.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 33.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 32.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 31.html - fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584, CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492, CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609, CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284, CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614, CVE-2016-3459, CVE-2016-5439, CVE-2016-5440 - fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581], [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566], [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582], [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570], [boo#1005583], [boo#1005586], [boo#989913], [boo#977614], [boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921], [boo#989911], [boo#989925], [boo#989926] - append
    last seen2020-06-05
    modified2016-11-14
    plugin id94756
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94756
    titleopenSUSE Security Update : mysql-community-server (openSUSE-2016-1289)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161103_MARIADB_ON_SL7_X.NASL
    descriptionThe following packages have been upgraded to a newer upstream version: mariadb (5.5.52). Security Fix(es) : - It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662) - A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663) (CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-8283) Additional Changes :
    last seen2020-03-18
    modified2016-12-15
    plugin id95847
    published2016-12-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95847
    titleScientific Linux Security Update : mariadb on SL7.x x86_64 (20161103)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2932-1.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318): Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-01
    modified2020-06-02
    plugin id95383
    published2016-11-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95383
    titleSUSE SLES12 Security Update : mariadb (SUSE-SU-2016:2932-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2595.NASL
    descriptionAn update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb (5.5.52). (BZ#1304516, BZ#1377974) Security Fix(es) : * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662) * A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-8283) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id94558
    published2016-11-04
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94558
    titleRHEL 7 : mariadb (RHSA-2016:2595)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1554.NASL
    descriptionAccording to the versions of the mariadb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.(CVE-2016-0643) - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.(CVE-2016-0608) - Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.(CVE-2016-0644) - Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.(CVE-2014-6507) - Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.(CVE-2016-0646) - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.(CVE-2016-0600) - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.(CVE-2016-0597) - Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.(CVE-2014-0001) - Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.(CVE-2016-0648) - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.(CVE-2016-0596) - Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.(CVE-2016-0616) - Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.(CVE-2016-0649) - It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the
    last seen2020-06-01
    modified2020-06-02
    plugin id125007
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125007
    titleEulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1554)
  • NASL familyDatabases
    NASL idMYSQL_5_7_15.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.15. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492, CVE-2016-5632) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5507) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5625) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-01
    modified2020-06-02
    plugin id93379
    published2016-09-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93379
    titleMySQL 5.7.x < 5.7.15 Multiple Vulnerabilities
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2016-305-03.NASL
    descriptionNew mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94440
    published2016-11-01
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94440
    titleSlackware 14.1 / 14.2 / current : mariadb (SSA:2016-305-03)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201701-01.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201701-01 (MariaDB and MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB and MySQL. Please review the CVE identifiers referenced below for details. Impact : Attackers could execute arbitrary code, escalate privileges, and impact availability via unspecified vectors. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id96232
    published2017-01-03
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96232
    titleGLSA-201701-01 : MariaDB and MySQL: Multiple vulnerabilities
  • NASL familyDatabases
    NASL idMYSQL_5_5_53.NASL
    descriptionThe version of MySQL running on the remote host is 5.5.x prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-01
    modified2020-06-02
    plugin id94165
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94165
    titleMySQL 5.5.x < 5.5.53 Multiple Vulnerabilities (October 2016 CPU)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3711.NASL
    descriptionSeveral issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28. Please see the MariaDB 10.0 Release Notes for further details : - https://mariadb.com/kb/en/mariadb/mariadb-10028-release- notes/
    last seen2020-06-01
    modified2020-06-02
    plugin id94743
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94743
    titleDebian DSA-3711-1 : mariadb-10.0 - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1062.NASL
    descriptionAccording to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.(CVE-2016-3492) - Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.(CVE-2016-5612) - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM.(CVE-2016-5616i1/4%0 - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.i1/4^CVE-2016-5624i1/4%0 - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.i1/4^CVE-2016-5626i1/4%0 - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.i1/4^CVE-2016-5629i1/4%0 - Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15 MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17 and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.i1/4^CVE-2016-6662i1/4%0 - A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user.i1/4^CVE-2016-6663i1/4%0 - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.i1/4^CVE-2016-8283i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-05-01
    plugin id99824
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99824
    titleEulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1062)
  • NASL familyDatabases
    NASL idMARIADB_5_5_52.NASL
    descriptionThe version of MariaDB running on the remote host is 5.5.x prior to 5.5.52. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5624) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated remote attacker to cause a denial of service condition. (CVE-2016-5629) - A security bypass vulnerability exists that allows an authenticated, remote attacker to bypass file access restrictions and create the /var/lib/mysql/my.cnf file with arbitrary contents without the FILE privilege requirement. (CVE-2016-6663) - An unspecified flaw exists in the Types subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8283) - A flaw exists in the Item_field::fix_after_pullout() function within file sql/item.cc when handling a prepared statement with conversion to semi-join. An authenticated, remote attacker can exploit this to cause a denial of service condition. - An assertion flaw exists in the mysql_admin_table() function within file sql/sql_admin.cc when handling the re-execution of certain ANALYZE TABLE prepared statements. An authenticated, remote attacker can exploit this to cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id95633
    published2016-12-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95633
    titleMariaDB 5.5.x < 5.5.52 Multiple Vulnerabilities
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2595.NASL
    descriptionFrom Red Hat Security Advisory 2016:2595 : An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb (5.5.52). (BZ#1304516, BZ#1377974) Security Fix(es) : * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662) * A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-8283) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id94715
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94715
    titleOracle Linux 7 : mariadb (ELSA-2016-2595)
  • NASL familyDatabases
    NASL idMARIADB_10_1_18.NASL
    descriptionThe version of MariaDB running on the remote host is 10.1.x prior to 10.1.18. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5624) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated remote attacker to cause a denial of service condition. (CVE-2016-5629) - A security bypass vulnerability exists that allows an authenticated, remote attacker to bypass file access restrictions and create the /var/lib/mysql/my.cnf file with arbitrary contents without the FILE privilege requirement. (CVE-2016-6663) - An unspecified flaw exists in the Types subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8283) - A flaw exists in the Item_field::fix_after_pullout() function within file sql/item.cc when handling a prepared statement with conversion to semi-join. An authenticated, remote attacker can exploit this to cause a denial of service condition. - An assertion flaw exists in the mysql_admin_table() function within file sql/sql_admin.cc when handling the re-execution of certain ANALYZE TABLE prepared statements. An authenticated, remote attacker can exploit this to cause a denial of service condition.
    last seen2020-06-01
    modified2020-06-02
    plugin id95632
    published2016-12-08
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95632
    titleMariaDB 10.1.x < 10.1.18 Multiple Vulnerabilities
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_22373C43D72811E6A9A5B499BAEBFEAF.NASL
    descriptionThe MySQL project reports : - CVE-2016-3492: Remote security vulnerability in
    last seen2020-06-01
    modified2020-06-02
    plugin id96510
    published2017-01-16
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96510
    titleFreeBSD : MySQL -- multiple vulnerabilities (22373c43-d728-11e6-a9a5-b499baebfeaf)
  • NASL familyDatabases
    NASL idMYSQL_5_5_53_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.5.x prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-3492) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-5584) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5616) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-5617) - An unspecified flaw exists in the GIS subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5626) - An unspecified flaw exists in the Federated subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-5629) - A flaw exists in the check_log_path() function within file sql/sys_vars.cc due to inadequate restrictions on the ability to write to the my.cnf configuration file and allowing the loading of configuration files from path locations not used by current versions. An authenticated, remote attacker can exploit this issue by using specially crafted queries that utilize logging functionality to create new files or append custom content to existing files. This allows the attacker to gain root privileges by inserting a custom .cnf file with a
    last seen2020-06-04
    modified2016-10-21
    plugin id94196
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94196
    titleMySQL 5.5.x < 5.5.53 Multiple Vulnerabilities (October 2016 CPU)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2933-1.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318): Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-01
    modified2020-06-02
    plugin id95384
    published2016-11-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95384
    titleSUSE SLED12 / SLES12 Security Update : Recommended update for mariadb (SUSE-SU-2016:2933-1)
  • NASL familyDatabases
    NASL idMYSQL_5_6_34_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.34. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-04
    modified2016-10-21
    plugin id94197
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94197
    titleMySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1417.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318) : Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mysql_install_db can
    last seen2020-06-05
    modified2016-12-07
    plugin id95597
    published2016-12-07
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95597
    titleopenSUSE Security Update : mariadb (openSUSE-2016-1417)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1283.NASL
    descriptionmysql-community-server was updated to 5.6.34 to fix the following issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 34.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 33.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 32.html http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 31.html - fixed CVEs: CVE-2016-6304, CVE-2016-6662, CVE-2016-7440, CVE-2016-5584, CVE-2016-5617, CVE-2016-5616, CVE-2016-5626, CVE-2016-3492, CVE-2016-5629, CVE-2016-5507, CVE-2016-8283, CVE-2016-5609, CVE-2016-5612, CVE-2016-5627, CVE-2016-5630, CVE-2016-8284, CVE-2016-8288, CVE-2016-3477, CVE-2016-2105, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3615, CVE-2016-3614, CVE-2016-3459, CVE-2016-5439, CVE-2016-5440 - fixes SUSE Bugs: [boo#999666], [boo#998309], [boo#1005581], [boo#1005558], [boo#1005563], [boo#1005562], [boo#1005566], [boo#1005555], [boo#1005569], [boo#1005557], [boo#1005582], [boo#1005560], [boo#1005561], [boo#1005567], [boo#1005570], [boo#1005583], [boo#1005586], [boo#989913], [boo#977614], [boo#989914], [boo#989915], [boo#989919], [boo#989922], [boo#989921], [boo#989911], [boo#989925], [boo#989926] - append
    last seen2020-06-05
    modified2016-11-11
    plugin id94694
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94694
    titleopenSUSE Security Update : mysql-community-server (openSUSE-2016-1283)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1416.NASL
    descriptionThis mariadb update to version 10.0.28 fixes the following issues (bsc#1008318) : Security fixes : - CVE-2016-8283: Unspecified vulnerability in subcomponent Types (bsc#1005582) - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption (bsc#1005581) - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated (bsc#1005569) - CVE-2016-5626: Unspecified vulnerability in subcomponent GIS (bsc#1005566) - CVE-2016-5624: Unspecified vulnerability in subcomponent DML (bsc#1005564) - CVE-2016-5616: Unspecified vulnerability in subcomponent MyISAM (bsc#1005562) - CVE-2016-5584: Unspecified vulnerability in subcomponent Encryption (bsc#1005558) - CVE-2016-3492: Unspecified vulnerability in subcomponent Optimizer (bsc#1005555) - CVE-2016-6663: Privilege Escalation / Race Condition (bsc#1001367) Bugfixes : - mariadb failing test sys_vars.optimizer_switch_basic (bsc#1003800) - Remove useless [email protected] (bsc#1004477) - Replace all occurrences of the string
    last seen2020-06-05
    modified2016-12-07
    plugin id95596
    published2016-12-07
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95596
    titleopenSUSE Security Update : mariadb (openSUSE-2016-1416)
  • NASL familyDatabases
    NASL idMYSQL_5_6_34.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.34. It is, therefore, affected by multiple vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker can exploit this to cause a denial of service. (CVE-2016-2177) - An information disclosure vulnerability exists in the dsa_sign_setup() function in dsa_ossl.c due to a failure to properly ensure the use of constant-time operations. An unauthenticated, remote attacker can exploit this, via a timing side-channel attack, to disclose DSA key information. (CVE-2016-2178) - A denial of service vulnerability exists in the DTLS implementation due to a failure to properly restrict the lifetime of queue entries associated with unused out-of-order messages. An unauthenticated, remote attacker can exploit this, by maintaining multiple crafted DTLS sessions simultaneously, to exhaust memory. (CVE-2016-2179) - An out-of-bounds read error exists in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation. An unauthenticated, remote attacker can exploit this, via a crafted time-stamp file that is mishandled by the
    last seen2020-06-01
    modified2020-06-02
    plugin id94166
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94166
    titleMySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)

Redhat

advisories
  • rhsa
    idRHSA-2016:2130
  • rhsa
    idRHSA-2016:2131
  • rhsa
    idRHSA-2016:2595
  • rhsa
    idRHSA-2016:2749
  • rhsa
    idRHSA-2016:2927
  • rhsa
    idRHSA-2016:2928
rpms
  • mysql55-mysql-0:5.5.52-1.el6
  • mysql55-mysql-0:5.5.52-1.el7
  • mysql55-mysql-bench-0:5.5.52-1.el6
  • mysql55-mysql-bench-0:5.5.52-1.el7
  • mysql55-mysql-debuginfo-0:5.5.52-1.el6
  • mysql55-mysql-debuginfo-0:5.5.52-1.el7
  • mysql55-mysql-devel-0:5.5.52-1.el6
  • mysql55-mysql-devel-0:5.5.52-1.el7
  • mysql55-mysql-libs-0:5.5.52-1.el6
  • mysql55-mysql-libs-0:5.5.52-1.el7
  • mysql55-mysql-server-0:5.5.52-1.el6
  • mysql55-mysql-server-0:5.5.52-1.el7
  • mysql55-mysql-test-0:5.5.52-1.el6
  • mysql55-mysql-test-0:5.5.52-1.el7
  • mariadb55-mariadb-0:5.5.53-1.el6
  • mariadb55-mariadb-0:5.5.53-1.el7
  • mariadb55-mariadb-bench-0:5.5.53-1.el6
  • mariadb55-mariadb-bench-0:5.5.53-1.el7
  • mariadb55-mariadb-debuginfo-0:5.5.53-1.el6
  • mariadb55-mariadb-debuginfo-0:5.5.53-1.el7
  • mariadb55-mariadb-devel-0:5.5.53-1.el6
  • mariadb55-mariadb-devel-0:5.5.53-1.el7
  • mariadb55-mariadb-libs-0:5.5.53-1.el6
  • mariadb55-mariadb-libs-0:5.5.53-1.el7
  • mariadb55-mariadb-server-0:5.5.53-1.el6
  • mariadb55-mariadb-server-0:5.5.53-1.el7
  • mariadb55-mariadb-test-0:5.5.53-1.el6
  • mariadb55-mariadb-test-0:5.5.53-1.el7
  • mariadb-1:5.5.52-1.el7
  • mariadb-bench-1:5.5.52-1.el7
  • mariadb-debuginfo-1:5.5.52-1.el7
  • mariadb-devel-1:5.5.52-1.el7
  • mariadb-embedded-1:5.5.52-1.el7
  • mariadb-embedded-devel-1:5.5.52-1.el7
  • mariadb-libs-1:5.5.52-1.el7
  • mariadb-server-1:5.5.52-1.el7
  • mariadb-test-1:5.5.52-1.el7
  • rh-mysql56-mysql-0:5.6.34-2.el6
  • rh-mysql56-mysql-0:5.6.34-2.el7
  • rh-mysql56-mysql-bench-0:5.6.34-2.el6
  • rh-mysql56-mysql-bench-0:5.6.34-2.el7
  • rh-mysql56-mysql-common-0:5.6.34-2.el6
  • rh-mysql56-mysql-common-0:5.6.34-2.el7
  • rh-mysql56-mysql-config-0:5.6.34-2.el6
  • rh-mysql56-mysql-config-0:5.6.34-2.el7
  • rh-mysql56-mysql-debuginfo-0:5.6.34-2.el6
  • rh-mysql56-mysql-debuginfo-0:5.6.34-2.el7
  • rh-mysql56-mysql-devel-0:5.6.34-2.el6
  • rh-mysql56-mysql-devel-0:5.6.34-2.el7
  • rh-mysql56-mysql-errmsg-0:5.6.34-2.el6
  • rh-mysql56-mysql-errmsg-0:5.6.34-2.el7
  • rh-mysql56-mysql-server-0:5.6.34-2.el6
  • rh-mysql56-mysql-server-0:5.6.34-2.el7
  • rh-mysql56-mysql-test-0:5.6.34-2.el6
  • rh-mysql56-mysql-test-0:5.6.34-2.el7
  • rh-mariadb100-mariadb-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-bench-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-bench-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-common-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-common-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-config-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-config-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-debuginfo-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-debuginfo-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-devel-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-devel-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-errmsg-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-errmsg-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-oqgraph-engine-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-oqgraph-engine-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-server-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-server-1:10.0.28-5.el7
  • rh-mariadb100-mariadb-test-1:10.0.28-5.el6
  • rh-mariadb100-mariadb-test-1:10.0.28-5.el7
  • rh-mariadb101-mariadb-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-bench-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-bench-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-common-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-common-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-config-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-config-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-debuginfo-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-debuginfo-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-devel-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-devel-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-errmsg-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-errmsg-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-oqgraph-engine-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-oqgraph-engine-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-server-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-server-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-server-galera-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-server-galera-1:10.1.19-6.el7
  • rh-mariadb101-mariadb-test-1:10.1.19-6.el6
  • rh-mariadb101-mariadb-test-1:10.1.19-6.el7