Vulnerabilities > CVE-2018-2612

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
oracle
mariadb
netapp
canonical
debian
nessus

Summary

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).

Vulnerable Configurations

Part Description Count
Application
Oracle
60
Application
Mariadb
78
Application
Netapp
11
OS
Canonical
3
OS
Debian
2

Nessus

  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-2_0-0037.NASL
    descriptionAn update of {'mercurial', 'python2', 'zsh', 'pycrypto', 'patch', 'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux', 'net-snmp', 'python3', 'sqlite'} packages of Photon OS has been released.
    last seen2019-02-21
    modified2019-02-07
    plugin id111297
    published2018-07-24
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111297
    titlePhoton OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2/7/2019
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2018-2.0-0037. The text
    # itself is copyright (C) VMware, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(111297);
      script_version("1.3");
      script_cvs_date("Date: 2019/04/05 23:25:07");
    
      script_cve_id(
        "CVE-2017-12627",
        "CVE-2017-18207",
        "CVE-2018-1303",
        "CVE-2018-2573",
        "CVE-2018-2583",
        "CVE-2018-2612",
        "CVE-2018-2622",
        "CVE-2018-2640",
        "CVE-2018-2665",
        "CVE-2018-2668",
        "CVE-2018-2703",
        "CVE-2018-6594",
        "CVE-2018-6951",
        "CVE-2018-7208",
        "CVE-2018-7549",
        "CVE-2018-7643",
        "CVE-2018-7738",
        "CVE-2018-7750",
        "CVE-2018-8740",
        "CVE-2018-1000030",
        "CVE-2018-1000116",
        "CVE-2018-1000117",
        "CVE-2018-1000132"
      );
      script_bugtraq_id(
        102678,
        102681,
        102682,
        102704,
        102706,
        102708,
        102709,
        102710,
        103044,
        103077,
        103219,
        103264,
        103367,
        103466,
        103522,
        103713,
        104527
      );
    
      script_name(english:"Photon OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "This plugin has been deprecated.");
      script_set_attribute(attribute:"description", value:
    "An update of {'mercurial', 'python2', 'zsh', 'pycrypto', 'patch',
    'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux',
    'net-snmp', 'python3', 'sqlite'} packages of Photon OS has been
    released.");
      # https://github.com/vmware/photon/wiki/Security-Updates-2-37
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5a24de30");
      script_set_attribute(attribute:"solution", value:"n/a.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-12627");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/24");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:zsh");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:xerces");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mercurial");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:pmd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:pycrypto");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:net");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:util");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:paramiko");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:binutils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:patch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:sqlite");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    exit(0, "This plugin has been deprecated.");
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    pkgs = [
      "binutils-2.30-4.ph2",
      "binutils-debuginfo-2.30-4.ph2",
      "binutils-devel-2.30-4.ph2",
      "mercurial-4.5.3-1.ph2",
      "mercurial-debuginfo-4.5.3-1.ph2",
      "mysql-5.7.21-1.ph2",
      "mysql-debuginfo-5.7.21-1.ph2",
      "mysql-devel-5.7.21-1.ph2",
      "net-snmp-5.7.3-8.ph2",
      "net-snmp-debuginfo-5.7.3-8.ph2",
      "net-snmp-devel-5.7.3-8.ph2",
      "paramiko-2.1.5-1.ph2",
      "patch-2.7.5-5.ph2",
      "patch-debuginfo-2.7.5-5.ph2",
      "pmd-python2-0.0.5-5.ph2",
      "pmd-python3-0.0.5-5.ph2",
      "pycrypto-2.6.1-4.ph2",
      "pycrypto-debuginfo-2.6.1-4.ph2",
      "python2-2.7.13-12.ph2",
      "python2-debuginfo-2.7.13-12.ph2",
      "python2-devel-2.7.13-12.ph2",
      "python2-libs-2.7.13-12.ph2",
      "python2-test-2.7.13-12.ph2",
      "python2-tools-2.7.13-12.ph2",
      "python3-3.6.5-1.ph2",
      "python3-curses-3.6.5-1.ph2",
      "python3-debuginfo-3.6.5-1.ph2",
      "python3-devel-3.6.5-1.ph2",
      "python3-libs-3.6.5-1.ph2",
      "python3-paramiko-2.1.5-1.ph2",
      "python3-paramiko-2.1.5-1.ph2",
      "python3-pip-3.6.5-1.ph2",
      "python3-pycrypto-2.6.1-4.ph2",
      "python3-pycrypto-2.6.1-4.ph2",
      "python3-setuptools-3.6.5-1.ph2",
      "python3-test-3.6.5-1.ph2",
      "python3-tools-3.6.5-1.ph2",
      "python3-xml-3.6.5-1.ph2",
      "sqlite-3.22.0-2.ph2",
      "sqlite-debuginfo-3.22.0-2.ph2",
      "sqlite-devel-3.22.0-2.ph2",
      "sqlite-libs-3.22.0-2.ph2",
      "util-linux-2.32-1.ph2",
      "util-linux-debuginfo-2.32-1.ph2",
      "util-linux-devel-2.32-1.ph2",
      "util-linux-lang-2.32-1.ph2",
      "util-linux-libs-2.32-1.ph2",
      "xerces-c-3.2.1-1.ph2",
      "xerces-c-debuginfo-3.2.1-1.ph2",
      "xerces-c-devel-3.2.1-1.ph2",
      "zsh-5.3.1-6.ph2",
      "zsh-debuginfo-5.3.1-6.ph2",
      "zsh-html-5.3.1-6.ph2"
    ];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"PhotonOS-2.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "zsh / python3 / xerces / mercurial / pmd / pycrypto / net / python2 / util / mysql / paramiko / binutils / patch / sqlite");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-83BBD0C22F.NASL
    description**MariaDB 10.2.13** Release notes : https://mariadb.com/kb/en/library/mariadb-10213-release-notes/ CVEs fixed : CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 Bugs fixed : POSTIN scriplets fix for: https://bodhi.fedoraproject.org/updates/FEDORA-2018-4a4dc47afe Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120576
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120576
    titleFedora 28 : 3:mariadb (2018-83bbd0c22f)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-83bbd0c22f.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(120576);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-2562", "CVE-2018-2612", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668");
      script_xref(name:"FEDORA", value:"2018-83bbd0c22f");
    
      script_name(english:"Fedora 28 : 3:mariadb (2018-83bbd0c22f)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "**MariaDB 10.2.13**
    
    Release notes :
    
    https://mariadb.com/kb/en/library/mariadb-10213-release-notes/
    
    CVEs fixed :
    
    CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665
    CVE-2018-2668
    
    Bugs fixed :
    
    POSTIN scriplets fix for:
    https://bodhi.fedoraproject.org/updates/FEDORA-2018-4a4dc47afe
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-4a4dc47afe"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-83bbd0c22f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 3:mariadb package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2612");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:3:mariadb");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC28", reference:"mariadb-10.2.13-2.fc28", epoch:"3")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "3:mariadb");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-394BF4FB5A.NASL
    description**MySQL 5.7.21** Bugs fixed : https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html CVEs fixed : http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628 .html CVE-2018-2696 CVE-2018-2703 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-12
    plugin id107281
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107281
    titleFedora 26 : community-mysql (2018-394bf4fb5a)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-394bf4fb5a.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(107281);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-2565", "CVE-2018-2573", "CVE-2018-2576", "CVE-2018-2583", "CVE-2018-2586", "CVE-2018-2590", "CVE-2018-2600", "CVE-2018-2612", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2645", "CVE-2018-2646", "CVE-2018-2647", "CVE-2018-2665", "CVE-2018-2667", "CVE-2018-2668", "CVE-2018-2696", "CVE-2018-2703");
      script_xref(name:"FEDORA", value:"2018-394bf4fb5a");
    
      script_name(english:"Fedora 26 : community-mysql (2018-394bf4fb5a)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "**MySQL 5.7.21**
    
    Bugs fixed :
    
    https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html
    
    CVEs fixed :
    
    http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628
    .html
    
    CVE-2018-2696 CVE-2018-2703 CVE-2018-2565 CVE-2018-2573
    CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590
    CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640
    CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665
    CVE-2018-2667 CVE-2018-2668
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-394bf4fb5a"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected community-mysql package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:community-mysql");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:26");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^26([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 26", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC26", reference:"community-mysql-5.7.21-6.fc26")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "community-mysql");
    }
    
  • NASL familyDatabases
    NASL idMYSQL_5_6_39_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.39. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-04
    modified2018-01-17
    plugin id106100
    published2018-01-17
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106100
    titleMySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (RPM Check) (January 2018 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(106100);
      script_version("1.9");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/03");
    
      script_cve_id(
        "CVE-2017-3737",
        "CVE-2018-2562",
        "CVE-2018-2573",
        "CVE-2018-2583",
        "CVE-2018-2590",
        "CVE-2018-2591",
        "CVE-2018-2612",
        "CVE-2018-2622",
        "CVE-2018-2640",
        "CVE-2018-2645",
        "CVE-2018-2647",
        "CVE-2018-2665",
        "CVE-2018-2668",
        "CVE-2018-2696",
        "CVE-2018-2703"
      );
      script_bugtraq_id(
        102103,
        102495,
        102678,
        102681,
        102682,
        102697,
        102698,
        102701,
        102704,
        102706,
        102708,
        102710,
        102711,
        102713,
        102714
      );
    
      script_name(english:"MySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (RPM Check) (January 2018 CPU)");
      script_summary(english:"Checks the version of MySQL server.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote database server is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The version of MySQL running on the remote host is 5.6.x prior to
    5.6.39. It is, therefore, affected by multiple vulnerabilities as
    noted in the January 2018 Critical Patch Update advisory. Please
    consult the CVRF details for the applicable CVEs for additional
    information.
    
    Note that Nessus has not tested for these issues but has instead
    relied only on the application's self-reported version number.");
      script_set_attribute(attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-39.html");
      # http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ae82f1b1");
      # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/4110638.xml
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?17a0bb67");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to MySQL version 5.6.39 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2647");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/01/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/01/17");
    
      script_set_attribute(attribute:"agent", value:"unix");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mysql");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Databases");
    
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled");
      script_require_ports("Host/RedHat/release", "Host/AmazonLinux/release", "Host/SuSE/release", "Host/CentOS/release");
    
      exit(0);
    }
    
    include("mysql_version.inc");
    
    fix_version = "5.6.39";
    exists_version = "5.6";
    
    mysql_check_rpms(mysql_packages:default_mysql_rpm_list_all, fix_ver:fix_version, exists_ver:exists_version, rhel_os_list:default_mysql_rhel_os_list, centos_os_list:default_mysql_centos_os_list, suse_os_list:default_mysql_suse_os_list, ala_os_list:default_mysql_ala_os_list, severity:SECURITY_HOLE);
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0126_MYSQL.NASL
    descriptionAn update of the mysql package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121824
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121824
    titlePhoton OS 1.0: Mysql PHSA-2018-1.0-0126
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2018-1.0-0126. The text
    # itself is copyright (C) VMware, Inc.
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(121824);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2019/02/07");
    
      script_cve_id(
        "CVE-2018-2573",
        "CVE-2018-2583",
        "CVE-2018-2612",
        "CVE-2018-2622",
        "CVE-2018-2640",
        "CVE-2018-2665",
        "CVE-2018-2668",
        "CVE-2018-2703"
      );
    
      script_name(english:"Photon OS 1.0: Mysql PHSA-2018-1.0-0126");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the mysql package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-1.0-126.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2612");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/24");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mysql");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-debuginfo-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    if (rpm_check(release:"PhotonOS-1.0", reference:"mysql-devel-5.7.21-1.ph1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0698-1.NASL
    descriptionThis update for mariadb to 10.0.34 fixes several issues. These security issues were fixed : - CVE-2017-10378: Vulnerability in subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) (bsc#1064115). - CVE-2017-10268: Vulnerability in subcomponent: Server: Replication. Difficult to exploit vulnerability allowed high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data (bsc#1064101). - CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. - CVE-2018-2622: Vulnerability in the MySQL Server subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2640: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2665: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2668: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2612: Vulnerability in the MySQL Server subcomponent: InnoDB. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108402
    published2018-03-16
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108402
    titleSUSE SLES12 Security Update : mariadb (SUSE-SU-2018:0698-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2018:0698-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108402);
      script_version("1.4");
      script_cvs_date("Date: 2019/09/10 13:51:47");
    
      script_cve_id("CVE-2017-10268", "CVE-2017-10378", "CVE-2018-2562", "CVE-2018-2612", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668");
    
      script_name(english:"SUSE SLES12 Security Update : mariadb (SUSE-SU-2018:0698-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for mariadb to 10.0.34 fixes several issues. These
    security issues were fixed :
    
      - CVE-2017-10378: Vulnerability in subcomponent: Server:
        Optimizer. Easily exploitable vulnerability allowed low
        privileged attacker with network access via multiple
        protocols to compromise MySQL Server. Successful attacks
        of this vulnerability can result in unauthorized ability
        to cause a hang or frequently repeatable crash (complete
        DOS) (bsc#1064115).
    
      - CVE-2017-10268: Vulnerability in subcomponent: Server:
        Replication. Difficult to exploit vulnerability allowed
        high privileged attacker with logon to the
        infrastructure where MySQL Server executes to compromise
        MySQL Server. Successful attacks of this vulnerability
        can result in unauthorized access to critical data or
        complete access to all MySQL Server accessible data
        (bsc#1064101).
    
      - CVE-2018-2562: Vulnerability in the MySQL Server
        subcomponent: Server : Partition. Easily exploitable
        vulnerability allowed low privileged attacker with
        network access via multiple protocols to compromise
        MySQL Server. Successful attacks of this vulnerability
        can result in unauthorized ability to cause a hang or
        frequently repeatable crash (complete DOS) of MySQL
        Server as well as unauthorized update, insert or delete
        access to some of MySQL Server accessible data.
    
      - CVE-2018-2622: Vulnerability in the MySQL Server
        subcomponent: Server: DDL. Easily exploitable
        vulnerability allowed low privileged attacker with
        network access via multiple protocols to compromise
        MySQL Server. Successful attacks of this vulnerability
        can result in unauthorized ability to cause a hang or
        frequently repeatable crash (complete DOS) of MySQL
        Server.
    
      - CVE-2018-2640: Vulnerability in the MySQL Server
        subcomponent: Server: Optimizer. Successful attacks of
        this vulnerability can result in unauthorized ability to
        cause a hang or frequently repeatable crash (complete
        DOS) of MySQL Server.
    
      - CVE-2018-2665: Vulnerability in the MySQL Server
        subcomponent: Server: Optimizer. Easily exploitable
        vulnerability allowed low privileged attacker with
        network access via multiple protocols to compromise
        MySQL Server. Successful attacks of this vulnerability
        can result in unauthorized ability to cause a hang or
        frequently repeatable crash (complete DOS) of MySQL
        Server.
    
      - CVE-2018-2668: Vulnerability in the MySQL Server
        subcomponent: Server: Optimizer. Easily exploitable
        vulnerability allowed low privileged attacker with
        network access via multiple protocols to compromise
        MySQL Server. Successful attacks of this vulnerability
        can result in unauthorized ability to cause a hang or
        frequently repeatable crash (complete DOS) of MySQL
        Server.
    
      - CVE-2018-2612: Vulnerability in the MySQL Server
        subcomponent: InnoDB. Easily exploitable vulnerability
        allowed high privileged attacker with network access via
        multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in
        unauthorized creation, deletion or modification access
        to critical data or all MySQL Server accessible data and
        unauthorized ability to cause a hang or frequently
        repeatable crash (complete DOS) of MySQL Server.
    
    The update package also includes non-security fixes. See advisory for
    details.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1064101"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1064115"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1072665"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1078431"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-10268/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-10378/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2562/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2612/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2622/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2640/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2665/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-2668/"
      );
      # https://www.suse.com/support/update/announcement/2018/suse-su-20180698-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?12e95d3a"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-2018-477=1
    
    To bring your system up-to-date, use 'zypper patch'."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqlclient_r18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmysqld18-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-errormessages");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/03/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient-devel-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient_r18-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld-devel-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqld18-debuginfo-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-client-debuginfo-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debuginfo-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-debugsource-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-errormessages-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"mariadb-tools-debuginfo-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-32bit-10.0.34-20.43.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"0", reference:"libmysqlclient18-debuginfo-32bit-10.0.34-20.43.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-02C0E3725E.NASL
    description**MariaDB 10.1.32** Release notes : https://mariadb.com/kb/en/library/mariadb-10131-release-notes/ https://mariadb.com/kb/en/library/mariadb-10132-release-notes/ Bugs solved : Jemalloc issue on aarch64 (solved in jemalloc package) https://bugzilla.redhat.com/show_bug.cgi?id=1545539 CVEs fixed : CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, CVE-2018-2612 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-04-03
    plugin id108790
    published2018-04-03
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108790
    titleFedora 26 : 3:mariadb (2018-02c0e3725e)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-02c0e3725e.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(108790);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-2562", "CVE-2018-2612", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668");
      script_xref(name:"FEDORA", value:"2018-02c0e3725e");
    
      script_name(english:"Fedora 26 : 3:mariadb (2018-02c0e3725e)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "**MariaDB 10.1.32**
    
    Release notes :
    
    https://mariadb.com/kb/en/library/mariadb-10131-release-notes/
    https://mariadb.com/kb/en/library/mariadb-10132-release-notes/
    
    Bugs solved :
    
    Jemalloc issue on aarch64 (solved in jemalloc package)
    https://bugzilla.redhat.com/show_bug.cgi?id=1545539
    
    CVEs fixed :
    
    CVE-2018-2562, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665,
    CVE-2018-2668, CVE-2018-2612
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-02c0e3725e"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected 3:mariadb package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:3:mariadb");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:26");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/01/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^26([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 26", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC26", reference:"mariadb-10.1.32-1.fc26", epoch:"3")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "3:mariadb");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3537-1.NASL
    descriptionMultiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628 .html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id106265
    published2018-01-23
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106265
    titleUbuntu 14.04 LTS / 16.04 LTS / 17.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3537-1)
  • NASL familyDatabases
    NASL idMYSQL_5_7_21_RPM.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.21. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-04
    modified2018-01-17
    plugin id106102
    published2018-01-17
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106102
    titleMySQL 5.7.x < 5.7.21 Multiple Vulnerabilities (RPM Check) (January 2018 CPU)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-969.NASL
    descriptionVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2640) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2573) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2018-2647) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2576) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2668) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2565) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2586) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2612) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2696) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2583) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2622) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2600) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2590) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. (CVE-2018-2645) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2703) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2646) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2665) Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2018-2667)
    last seen2020-06-01
    modified2020-06-02
    plugin id107240
    published2018-03-09
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107240
    titleAmazon Linux AMI : mysql55 / mysql56,mysql57 (ALAS-2018-969)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2018-1_0-0126.NASL
    descriptionAn update of 'paramiko', 'mysql', 'mercurial', 'binutils', 'pycrypto', 'patch', 'sqlite-autoconf', 'httpd', 'python3', 'xerces-c', 'strongswan', 'net-snmp' packages of Photon OS has been released.
    last seen2019-02-21
    modified2019-02-07
    plugin id111930
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111930
    titlePhoton OS 1.0: Binutils / Httpd / Mercurial / Mysql / Net / Paramiko / Patch / Pycrypto / Python3 / Sqlite / Strongswan / Xerces PHSA-2018-1.0-0126 (deprecated)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-00647AE0D5.NASL
    description**MariaDB 10.2.13** Release notes : https://mariadb.com/kb/en/library/mariadb-10213-release-notes/ CVEs fixed : CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 Bugs fixed : POSTIN scriplets fix for: https://bodhi.fedoraproject.org/updates/FEDORA-2018-4a4dc47afe Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-03-14
    plugin id108305
    published2018-03-14
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108305
    titleFedora 27 : 3:mariadb (2018-00647ae0d5)
  • NASL familyDatabases
    NASL idMYSQL_5_6_39.NASL
    descriptionThe version of MySQL running on the remote host is 5.6.x prior to 5.6.39. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id106099
    published2018-01-17
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106099
    titleMySQL 5.6.x < 5.6.39 Multiple Vulnerabilities (January 2018 CPU)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201802-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201802-04 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary code without authentication or cause a partial denial of service condition. Workaround : There are no known workarounds at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id106885
    published2018-02-20
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106885
    titleGLSA-201802-04 : MySQL: Multiple vulnerabilities
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2018-032-01.NASL
    descriptionNew mariadb packages are available for Slackware 14.1 and 14.2 to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id106564
    published2018-02-02
    reporterThis script is Copyright (C) 2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/106564
    titleSlackware 14.1 / 14.2 : mariadb (SSA:2018-032-01)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_E3445736FD0111E7AC58B499BAEBFEAF.NASL
    descriptionOracle reports : Not all vulnerabilities are relevant for all flavors/versions of the servers and clients - Vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. GIS: CVE-2018-2573, DDL CVE-2018-2622, Optimizer: CVE-2018-2640, CVE-2018-2665, CVE-2018-2668, Security:Privileges: CVE-2018-2703, Partition: CVE-2018-2562. - Vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. InnoDB: CVE-2018-2565, CVE-2018-2612 DML: CVE-2018-2576, CVE-2018-2646, Stored Procedure: CVE-2018-2583, Performance Schema : CVE-2018-2590, Partition: CVE-2018-2591, Optimizer: CVE-2018-2600, CVE-2018-2667, Security:Privileges: CVE-2018-2696, Replication : CVE-2018-2647. - Vulnerability allows a low or high privileged attacker with network access via multiple protocols to compromise MySQL Server with unauthorized creation, deletion, modification or access to data/ critical data. InnoDB: CVE-2018-2612, Performance Schema : CVE-2018-2645, Replication: CVE-2018-2647, Partition: CVE-2018-2562.
    last seen2020-06-01
    modified2020-06-02
    plugin id106216
    published2018-01-22
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106216
    titleFreeBSD : MySQL -- multiple vulnerabilities (e3445736-fd01-11e7-ac58-b499baebfeaf)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4341.NASL
    descriptionSeveral issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37. Please see the MariaDB 10.1 Release Notes for further details : - https://mariadb.com/kb/en/mariadb/mariadb-10127-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10128-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10129-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10130-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10131-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10132-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10133-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10134-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10135-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10136-release- notes/ - https://mariadb.com/kb/en/mariadb/mariadb-10137-release- notes/
    last seen2020-06-01
    modified2020-06-02
    plugin id119040
    published2018-11-20
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119040
    titleDebian DSA-4341-1 : mariadb-10.1 - security update
  • NASL familyDatabases
    NASL idMYSQL_5_7_21.NASL
    descriptionThe version of MySQL running on the remote host is 5.7.x prior to 5.7.21. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id106101
    published2018-01-17
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106101
    titleMySQL 5.7.x < 5.7.21 Multiple Vulnerabilities (January 2018 CPU)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1407.NASL
    descriptionSeveral issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.35. Please see the MariaDB 10.0 Release Notes for further details : https://mariadb.com/kb/en/mariadb/mariadb-10033-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10034-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10035-release-notes/ For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id110816
    published2018-07-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110816
    titleDebian DLA-1407-1 : mariadb-10.0 security update
  • NASL familyDatabases
    NASL idMARIADB_10_1_31.NASL
    descriptionThe version of MariaDB running of remote host is 10.1 prior to 10.1.31. It is, therefore, affected by multiple vulnerabilities
    last seen2020-05-31
    modified2019-01-28
    plugin id121422
    published2019-01-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121422
    titleMariaDB 10.1 < 10.1.31 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-270.NASL
    descriptionThis update for mariadb fixes the following issues : MariaDB was updated to 10.0.34 (bsc#1078431) The following security vulnerabilities are fixed : - CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. - CVE-2018-2622: Vulnerability in the MySQL Server subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2640: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2665: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2668: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2612: Vulnerability in the MySQL Server subcomponent: InnoDB. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The MariaDB external release notes and changelog for this release : - https://kb.askmonty.org/en/mariadb-10034-release-notes - https://kb.askmonty.org/en/mariadb-10034-changelog This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen2020-06-05
    modified2018-03-19
    plugin id108439
    published2018-03-19
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108439
    titleopenSUSE Security Update : mariadb (openSUSE-2018-270)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2018-90.NASL
    descriptionThis update for mysql-community-server to version 5.6.39 fixes several issues. These security issues were fixed : - CVE-2018-2622: Vulnerability in the subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2562: Vulnerability in the subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data (bsc#1076369). - CVE-2018-2640: Vulnerability in the subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2665: Vulnerability in the subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2668: Vulnerability in the subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2696: Vulnerability in the subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2583: Vulnerability in the subcomponent: Stored Procedure. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2612: Vulnerability in the subcomponent: InnoDB. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2703: Vulnerability in the subcomponent: Server : Security : Privileges. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2018-2573: Vulnerability in the subcomponent: Server: GIS. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server (bsc#1076369). - CVE-2017-3737: OpenSSL introduced an
    last seen2020-06-05
    modified2018-01-26
    plugin id106359
    published2018-01-26
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/106359
    titleopenSUSE Security Update : mysql-community-server (openSUSE-2018-90)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-0697-1.NASL
    descriptionThis update for mariadb fixes the following issues: MariaDB was updated to 10.0.34 (bsc#1078431) The following security vulnerabilities are fixed : - CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. - CVE-2018-2622: Vulnerability in the MySQL Server subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2640: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2665: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2668: Vulnerability in the MySQL Server subcomponent: Server: Optimizer. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. - CVE-2018-2612: Vulnerability in the MySQL Server subcomponent: InnoDB. Easily exploitable vulnerability allowed high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. The MariaDB external release notes and changelog for this release : - https://kb.askmonty.org/en/mariadb-10034-release-notes - https://kb.askmonty.org/en/mariadb-10034-changelog Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id108401
    published2018-03-16
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108401
    titleSUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2018:0697-1)

Redhat

advisories
  • rhsa
    idRHSA-2018:0586
  • rhsa
    idRHSA-2018:0587
  • rhsa
    idRHSA-2019:1258
rpms
  • rh-mysql57-mysql-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-common-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-common-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-config-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-config-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-debuginfo-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-debuginfo-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-devel-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-devel-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-errmsg-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-errmsg-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-server-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-server-0:5.7.21-2.el7.1
  • rh-mysql57-mysql-test-0:5.7.21-2.el6.1
  • rh-mysql57-mysql-test-0:5.7.21-2.el7.1
  • rh-mysql56-mysql-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-bench-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-bench-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-common-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-common-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-config-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-config-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-debuginfo-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-debuginfo-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-devel-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-devel-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-errmsg-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-errmsg-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-server-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-server-0:5.6.39-1.el7.1
  • rh-mysql56-mysql-test-0:5.6.39-1.el6.1
  • rh-mysql56-mysql-test-0:5.6.39-1.el7.1
  • rh-mariadb102-galera-0:25.3.25-1.el6
  • rh-mariadb102-galera-0:25.3.25-1.el7
  • rh-mariadb102-galera-debuginfo-0:25.3.25-1.el6
  • rh-mariadb102-galera-debuginfo-0:25.3.25-1.el7
  • rh-mariadb102-mariadb-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-backup-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-backup-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-backup-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-backup-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-bench-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-bench-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-common-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-common-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-config-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-config-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-config-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-config-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-debuginfo-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-debuginfo-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-devel-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-devel-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-errmsg-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-errmsg-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-gssapi-client-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-gssapi-client-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-gssapi-server-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-gssapi-server-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-oqgraph-engine-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-oqgraph-engine-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-galera-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-galera-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-galera-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-galera-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-utils-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-utils-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-server-utils-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-server-utils-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-syspaths-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-syspaths-1:10.2.22-1.el7
  • rh-mariadb102-mariadb-test-1:10.2.22-1.el6
  • rh-mariadb102-mariadb-test-1:10.2.22-1.el7