Vulnerabilities > CVE-2017-3238
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
Vulnerable Configurations
Nessus
NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2017-790.NASL description The following security-related issues were fixed : CVE-2016-8318 Server: Security: Encryption unspecified vulnerability CVE-2016-8327 Server: Replication unspecified vulnerability CVE-2017-3238 Server: Optimizer unspecified vulnerability CVE-2017-3244 Server: DML unspecified vulnerability CVE-2017-3257 Server: InnoDB unspecified vulnerability CVE-2017-3258 Server: DDL unspecified vulnerability CVE-2017-3273 Server: DDL unspecified vulnerability CVE-2017-3313 Server: MyISAM unspecified vulnerability CVE-2017-3317 Logging unspecified vulnerability CVE-2017-3318 Server: Error Handling unspecified vulnerability last seen 2020-06-01 modified 2020-06-02 plugin id 96808 published 2017-01-27 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96808 title Amazon Linux AMI : mysql56 (ALAS-2017-790) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3767.NASL description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle last seen 2020-06-01 modified 2020-06-02 plugin id 96638 published 2017-01-20 reporter This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96638 title Debian DSA-3767-1 : mysql-5.5 - security update NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2017-018-01.NASL description New mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 96612 published 2017-01-19 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96612 title Slackware 14.1 / 14.2 / current : mariadb (SSA:2017-018-01) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2017-2192.NASL description From Red Hat Security Advisory 2017:2192 : An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 102299 published 2017-08-09 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102299 title Oracle Linux 7 : mariadb (ELSA-2017-2192) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-258.NASL description mysql-community-server was updated to version 5.6.35 to fix bugs and security issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html - Fixed CVEs: CVE-2016-8318 [boo#1020872], CVE-2017-3312 [boo#1020873], CVE-2017-3258 [boo#1020875], CVE-2017-3273 [boo#1020876], CVE-2017-3244 [boo#1020877], CVE-2017-3257 [boo#1020878], CVE-2017-3238 [boo#1020882], CVE-2017-3291 [boo#1020884], CVE-2017-3265 [boo#1020885], CVE-2017-3313 [boo#1020890], CVE-2016-8327 [boo#1020893], CVE-2017-3317 [boo#1020894], CVE-2017-3318 [boo#1020896] last seen 2020-06-05 modified 2017-02-21 plugin id 97278 published 2017-02-21 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97278 title openSUSE Security Update : mysql-community-server (openSUSE-2017-258) NASL family Fedora Local Security Checks NASL id FEDORA_2017-8425F676F2.NASL description **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled last seen 2020-06-05 modified 2017-06-22 plugin id 100972 published 2017-06-22 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100972 title Fedora 24 : 3:mariadb (2017-8425f676f2) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4D2F9D09DDB711E6A9A5B499BAEBFEAF.NASL description Oracle reports : No further details have been provided in the Critical Patch Update last seen 2020-06-01 modified 2020-06-02 plugin id 96618 published 2017-01-19 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96618 title FreeBSD : mysql -- multiple vulnerabilities (4d2f9d09-ddb7-11e6-a9a5-b499baebfeaf) NASL family Fedora Local Security Checks NASL id FEDORA_2017-801E01D1ED.NASL description Important change : - Most of the utilities were move to the new sub-package last seen 2020-06-05 modified 2017-02-09 plugin id 97069 published 2017-02-09 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97069 title Fedora 25 : 3:mariadb (2017-801e01d1ed) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-797.NASL description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle last seen 2020-03-17 modified 2017-01-25 plugin id 96732 published 2017-01-25 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96732 title Debian DLA-797-1 : mysql-5.5 security update NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0412-1.NASL description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe last seen 2020-06-01 modified 2020-06-02 plugin id 97064 published 2017-02-08 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97064 title SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2017:0412-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201702-18.NASL description The remote host is affected by the vulnerability described in GLSA-201702-18 (MariaDB: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly escalate privileges, gain access to critical data or complete access to all MariaDB Server accessible data, or cause a Denial of Service condition via unspecified vectors. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 97261 published 2017-02-21 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97261 title GLSA-201702-18 : MariaDB: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0411-1.NASL description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe last seen 2020-06-01 modified 2020-06-02 plugin id 97063 published 2017-02-08 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97063 title SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:0411-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-2192.NASL description An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 102152 published 2017-08-03 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102152 title RHEL 7 : mariadb (RHSA-2017:2192) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3174-1.NASL description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.54 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.17. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727 .html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 96656 published 2017-01-20 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96656 title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3174-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3770.NASL description Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.29. Please see the MariaDB 10.0 Release Notes for further details : - https://mariadb.com/kb/en/mariadb/mariadb-10029-release- notes/ last seen 2020-06-01 modified 2020-06-02 plugin id 96669 published 2017-01-23 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96669 title Debian DSA-3770-1 : mariadb-10.0 - security update NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1169.NASL description According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) - This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-09-08 plugin id 103007 published 2017-09-08 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103007 title EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2017-1169) NASL family Databases NASL id MYSQL_5_5_54.NASL description The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the Charsets subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3243) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-01 modified 2020-06-02 plugin id 95876 published 2016-12-15 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95876 title MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-0408-1.NASL description This mysql version update to 5.5.54 fixes the following issues : - CVE-2017-3318: Unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: Unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3313: Unspecified vulnerability affecting the MyISAM component (bsc#1020890) - CVE-2017-3312: Insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: Unrestricted mysqld_safe last seen 2020-06-01 modified 2020-06-02 plugin id 97046 published 2017-02-07 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97046 title SUSE SLES11 Security Update : mysql (SUSE-SU-2017:0408-1) NASL family Databases NASL id MYSQL_5_7_17_RPM.NASL description The version of MySQL running on the remote host is 5.7.x prior to 5.7.17. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238, CVE-2017-3251) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3256) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3319) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3320) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3646) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-04 modified 2016-12-15 plugin id 95881 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95881 title MySQL 5.7.x < 5.7.17 Multiple Vulnerabilities (January 2017 CPU) (July 2017 CPU) NASL family Databases NASL id MYSQL_5_6_35_RPM.NASL description The version of MySQL running on the remote host is 5.6.x prior to 5.6.35. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-04 modified 2016-12-15 plugin id 95879 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95879 title MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities (January 2017 CPU) NASL family Fedora Local Security Checks NASL id FEDORA_2017-09DD8907DA.NASL description **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled last seen 2020-06-05 modified 2017-07-17 plugin id 101568 published 2017-07-17 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/101568 title Fedora 26 : 3:mariadb (2017-09dd8907da) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-315.NASL description mysql-community-server was updated to version 5.6.35 to fix bugs and security issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html - Fixed CVEs: CVE-2016-8318 [boo#1020872], CVE-2017-3312 [boo#1020873], CVE-2017-3258 [boo#1020875], CVE-2017-3273 [boo#1020876], CVE-2017-3244 [boo#1020877], CVE-2017-3257 [boo#1020878], CVE-2017-3238 [boo#1020882], CVE-2017-3291 [boo#1020884], CVE-2017-3265 [boo#1020885], CVE-2017-3313 [boo#1020890], CVE-2016-8327 [boo#1020893], CVE-2017-3317 [boo#1020894], CVE-2017-3318 [boo#1020896] last seen 2020-06-05 modified 2017-03-07 plugin id 97569 published 2017-03-07 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97569 title openSUSE Security Update : mysql-community-server (openSUSE-2017-315) NASL family Fedora Local Security Checks NASL id FEDORA_2017-2C0609B92A.NASL description **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new-cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled last seen 2020-06-05 modified 2017-06-19 plugin id 100857 published 2017-06-19 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100857 title Fedora 25 : 3:mariadb (2017-2c0609b92a) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-257.NASL description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe last seen 2020-06-05 modified 2017-02-21 plugin id 97277 published 2017-02-21 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97277 title openSUSE Security Update : mariadb (openSUSE-2017-257) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2017-789.NASL description The following security-related issues were fixed : CVE-2017-3238 Server: Optimizer unspecified vulnerability CVE-2017-3243 Server: Charsets unspecified vulnerability CVE-2017-3244 Server: DML unspecified vulnerability CVE-2017-3258 Server: DDL unspecified vulnerability CVE-2017-3313 Server: MyISAM unspecified vulnerability CVE-2017-3317 Logging unspecified vulnerability CVE-2017-3318 Server: Error Handling unspecified vulnerability last seen 2020-06-01 modified 2020-06-02 plugin id 96807 published 2017-01-27 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/96807 title Amazon Linux AMI : mysql55 (ALAS-2017-789) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2017-2192.NASL description An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 102755 published 2017-08-25 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102755 title CentOS 7 : mariadb (CESA-2017:2192) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201702-17.NASL description The remote host is affected by the vulnerability described in GLSA-201702-17 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly escalate privileges, gain access to critical data or complete access to all MySQL server accessible data, or cause a Denial of Service condition via unspecified vectors. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 97260 published 2017-02-21 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/97260 title GLSA-201702-17 : MySQL: Multiple vulnerabilities NASL family Databases NASL id MYSQL_5_7_17.NASL description The version of MySQL running on the remote host is 5.7.x prior to 5.7.17. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238, CVE-2017-3251) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3256) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3319) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3320) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3646) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-01 modified 2020-06-02 plugin id 95880 published 2016-12-15 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95880 title MySQL 5.7.x < 5.7.17 Multiple Vulnerabilities (January 2017 CPU) (July 2017 CPU) NASL family Databases NASL id MYSQL_5_6_35.NASL description The version of MySQL running on the remote host is 5.6.x prior to 5.6.35. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-01 modified 2020-06-02 plugin id 95878 published 2016-12-15 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95878 title MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities (January 2017 CPU) NASL family Fedora Local Security Checks NASL id FEDORA_2017-0F44F2B8C8.NASL description Important change : - most of the utilities were move to the new sub-package last seen 2020-06-05 modified 2017-02-15 plugin id 97160 published 2017-02-15 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97160 title Fedora 24 : 3:mariadb (2017-0f44f2b8c8) NASL family Databases NASL id MYSQL_5_5_54_RPM.NASL description The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the Charsets subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3243) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the last seen 2020-06-04 modified 2016-12-15 plugin id 95877 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95877 title MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1170.NASL description According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) - This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-09-08 plugin id 103008 published 2017-09-08 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103008 title EulerOS 2.0 SP2 : mariadb (EulerOS-SA-2017-1170) NASL family Scientific Linux Local Security Checks NASL id SL_20170801_MARIADB_ON_SL7_X.NASL description The following packages have been upgraded to a later upstream version: mariadb (5.5.56). Security Fix(es) : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) last seen 2020-03-18 modified 2017-08-22 plugin id 102648 published 2017-08-22 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102648 title Scientific Linux Security Update : mariadb on SL7.x x86_64 (20170801)
Redhat
advisories |
| ||||||||||||||||||||
rpms |
|
References
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
- http://www.securityfocus.com/bid/95571
- https://security.gentoo.org/glsa/201702-18
- https://security.gentoo.org/glsa/201702-17
- http://www.securitytracker.com/id/1037640
- http://www.debian.org/security/2017/dsa-3770
- http://www.debian.org/security/2017/dsa-3767
- https://access.redhat.com/errata/RHSA-2017:2886
- https://access.redhat.com/errata/RHSA-2017:2787
- https://access.redhat.com/errata/RHSA-2017:2192
- https://access.redhat.com/errata/RHSA-2018:0279
- https://access.redhat.com/errata/RHSA-2018:0574