ID CVE-2014-0437
Summary Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
References
Vulnerable Configurations
  • MySQL 5.1
    cpe:2.3:a:mysql:mysql:5.1
  • MySQL 5.1.1
    cpe:2.3:a:mysql:mysql:5.1.1
  • MySQL 5.1.10
    cpe:2.3:a:mysql:mysql:5.1.10
  • MySQL 5.1.11
    cpe:2.3:a:mysql:mysql:5.1.11
  • MySQL 5.1.12
    cpe:2.3:a:mysql:mysql:5.1.12
  • MySQL 5.1.13
    cpe:2.3:a:mysql:mysql:5.1.13
  • MySQL 5.1.14
    cpe:2.3:a:mysql:mysql:5.1.14
  • MySQL 5.1.15
    cpe:2.3:a:mysql:mysql:5.1.15
  • MySQL 5.1.16
    cpe:2.3:a:mysql:mysql:5.1.16
  • MySQL 5.1.17
    cpe:2.3:a:mysql:mysql:5.1.17
  • MySQL 5.1.18
    cpe:2.3:a:mysql:mysql:5.1.18
  • MySQL 5.1.19
    cpe:2.3:a:mysql:mysql:5.1.19
  • MySQL 5.1.2
    cpe:2.3:a:mysql:mysql:5.1.2
  • MySQL 5.1.20
    cpe:2.3:a:mysql:mysql:5.1.20
  • MySQL 5.1.21
    cpe:2.3:a:mysql:mysql:5.1.21
  • MySQL 5.1.22
    cpe:2.3:a:mysql:mysql:5.1.22
  • MySQL 5.1.23
    cpe:2.3:a:mysql:mysql:5.1.23
  • MySQL 5.1.23a
    cpe:2.3:a:mysql:mysql:5.1.23:a
  • MySQL 5.1.23_bk
    cpe:2.3:a:mysql:mysql:5.1.23_bk
  • MySQL 5.1.23a
    cpe:2.3:a:mysql:mysql:5.1.23a
  • MySQL 5.1.24
    cpe:2.3:a:mysql:mysql:5.1.24
  • MySQL 5.1.25
    cpe:2.3:a:mysql:mysql:5.1.25
  • MySQL 5.1.26
    cpe:2.3:a:mysql:mysql:5.1.26
  • MySQL 5.1.27
    cpe:2.3:a:mysql:mysql:5.1.27
  • MySQL 5.1.28
    cpe:2.3:a:mysql:mysql:5.1.28
  • MySQL 5.1.29
    cpe:2.3:a:mysql:mysql:5.1.29
  • MySQL 5.1.3
    cpe:2.3:a:mysql:mysql:5.1.3
  • MySQL 5.1.30
    cpe:2.3:a:mysql:mysql:5.1.30
  • MySQL 5.1.31
    cpe:2.3:a:mysql:mysql:5.1.31
  • MySQL 5.1.31 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.31:sp1
  • MySQL 5.1.32
    cpe:2.3:a:mysql:mysql:5.1.32
  • MySQL 5.1.32-bzr
    cpe:2.3:a:mysql:mysql:5.1.32-bzr
  • MySQL 5.1.33
    cpe:2.3:a:mysql:mysql:5.1.33
  • MySQL 5.1.34
    cpe:2.3:a:mysql:mysql:5.1.34
  • MySQL 5.1.34 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.34:sp1
  • MySQL 5.1.35
    cpe:2.3:a:mysql:mysql:5.1.35
  • MySQL 5.1.36
    cpe:2.3:a:mysql:mysql:5.1.36
  • MySQL 5.1.37
    cpe:2.3:a:mysql:mysql:5.1.37
  • MySQL 5.1.37 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.37:sp1
  • MySQL 5.1.38
    cpe:2.3:a:mysql:mysql:5.1.38
  • MySQL 5.1.39
    cpe:2.3:a:mysql:mysql:5.1.39
  • MySQL 5.1.4
    cpe:2.3:a:mysql:mysql:5.1.4
  • MySQL 5.1.40
    cpe:2.3:a:mysql:mysql:5.1.40
  • MySQL 5.1.40 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.40:sp1
  • MySQL 5.1.41
    cpe:2.3:a:mysql:mysql:5.1.41
  • MySQL 5.1.42
    cpe:2.3:a:mysql:mysql:5.1.42
  • MySQL 5.1.43
    cpe:2.3:a:mysql:mysql:5.1.43
  • MySQL 5.1.43 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.43:sp1
  • MySQL 5.1.44
    cpe:2.3:a:mysql:mysql:5.1.44
  • MySQL 5.1.45
    cpe:2.3:a:mysql:mysql:5.1.45
  • MySQL 5.1.46
    cpe:2.3:a:mysql:mysql:5.1.46
  • MySQL 5.1.46 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.46:sp1
  • MySQL 5.1.47
    cpe:2.3:a:mysql:mysql:5.1.47
  • MySQL 5.1.48
    cpe:2.3:a:mysql:mysql:5.1.48
  • MySQL 5.1.49
    cpe:2.3:a:mysql:mysql:5.1.49
  • MySQL 5.1.49 Service Pack 1
    cpe:2.3:a:mysql:mysql:5.1.49:sp1
  • MySQL 5.1.5
    cpe:2.3:a:mysql:mysql:5.1.5
  • MySQL 5.1.50
    cpe:2.3:a:mysql:mysql:5.1.50
  • MySQL 5.1.5a
    cpe:2.3:a:mysql:mysql:5.1.5a
  • MySQL 5.1.6
    cpe:2.3:a:mysql:mysql:5.1.6
  • MySQL 5.1.7
    cpe:2.3:a:mysql:mysql:5.1.7
  • MySQL 5.1.8
    cpe:2.3:a:mysql:mysql:5.1.8
  • MySQL 5.1.9
    cpe:2.3:a:mysql:mysql:5.1.9
  • Oracle MySQL 5.1.51
    cpe:2.3:a:oracle:mysql:5.1.51
  • Oracle MySQL 5.1.52
    cpe:2.3:a:oracle:mysql:5.1.52
  • Oracle MySQL 5.1.52 Service Pack 1
    cpe:2.3:a:oracle:mysql:5.1.52:sp1
  • Oracle MySQL 5.1.53
    cpe:2.3:a:oracle:mysql:5.1.53
  • Oracle MySQL 5.1.54
    cpe:2.3:a:oracle:mysql:5.1.54
  • Oracle MySQL 5.1.55
    cpe:2.3:a:oracle:mysql:5.1.55
  • Oracle MySQL 5.1.56
    cpe:2.3:a:oracle:mysql:5.1.56
  • Oracle MySQL 5.1.57
    cpe:2.3:a:oracle:mysql:5.1.57
  • Oracle MySQL 5.1.58
    cpe:2.3:a:oracle:mysql:5.1.58
  • Oracle MySQL 5.1.59
    cpe:2.3:a:oracle:mysql:5.1.59
  • Oracle MySQL 5.1.60
    cpe:2.3:a:oracle:mysql:5.1.60
  • Oracle MySQL 5.1.61
    cpe:2.3:a:oracle:mysql:5.1.61
  • Oracle MySQL 5.1.62
    cpe:2.3:a:oracle:mysql:5.1.62
  • Oracle MySQL 5.1.63
    cpe:2.3:a:oracle:mysql:5.1.63
  • Oracle MySQL 5.1.64
    cpe:2.3:a:oracle:mysql:5.1.64
  • Oracle MySQL 5.1.65
    cpe:2.3:a:oracle:mysql:5.1.65
  • Oracle MySQL 5.1.66
    cpe:2.3:a:oracle:mysql:5.1.66
  • Oracle MySQL 5.1.67
    cpe:2.3:a:oracle:mysql:5.1.67
  • Oracle MySQL 5.1.68
    cpe:2.3:a:oracle:mysql:5.1.68
  • Oracle MySQL 5.1.69
    cpe:2.3:a:oracle:mysql:5.1.69
  • Oracle MySQL 5.1.70
    cpe:2.3:a:oracle:mysql:5.1.70
  • Oracle MySQL 5.1.71
    cpe:2.3:a:oracle:mysql:5.1.71
  • Oracle MySQL 5.1.72
    cpe:2.3:a:oracle:mysql:5.1.72
  • MySQL 5.5.0
    cpe:2.3:a:mysql:mysql:5.5.0
  • MySQL 5.5.1
    cpe:2.3:a:mysql:mysql:5.5.1
  • MySQL 5.5.2
    cpe:2.3:a:mysql:mysql:5.5.2
  • MySQL 5.5.3
    cpe:2.3:a:mysql:mysql:5.5.3
  • MySQL 5.5.4
    cpe:2.3:a:mysql:mysql:5.5.4
  • MySQL 5.5.5
    cpe:2.3:a:mysql:mysql:5.5.5
  • MySQL 5.5.6
    cpe:2.3:a:mysql:mysql:5.5.6
  • MySQL 5.5.7
    cpe:2.3:a:mysql:mysql:5.5.7
  • MySQL 5.5.8
    cpe:2.3:a:mysql:mysql:5.5.8
  • MySQL 5.5.9
    cpe:2.3:a:mysql:mysql:5.5.9
  • Oracle MySQL 5.5.10
    cpe:2.3:a:oracle:mysql:5.5.10
  • Oracle MySQL 5.5.11
    cpe:2.3:a:oracle:mysql:5.5.11
  • Oracle MySQL 5.5.12
    cpe:2.3:a:oracle:mysql:5.5.12
  • Oracle MySQL 5.5.13
    cpe:2.3:a:oracle:mysql:5.5.13
  • Oracle MySQL 5.5.14
    cpe:2.3:a:oracle:mysql:5.5.14
  • Oracle MySQL 5.5.15
    cpe:2.3:a:oracle:mysql:5.5.15
  • Oracle MySQL 5.5.16
    cpe:2.3:a:oracle:mysql:5.5.16
  • Oracle MySQL 5.5.17
    cpe:2.3:a:oracle:mysql:5.5.17
  • Oracle MySQL 5.5.18
    cpe:2.3:a:oracle:mysql:5.5.18
  • Oracle MySQL 5.5.19
    cpe:2.3:a:oracle:mysql:5.5.19
  • Oracle MySQL 5.5.20
    cpe:2.3:a:oracle:mysql:5.5.20
  • Oracle MySQL 5.5.21
    cpe:2.3:a:oracle:mysql:5.5.21
  • Oracle MySQL 5.5.22
    cpe:2.3:a:oracle:mysql:5.5.22
  • Oracle MySQL 5.5.23
    cpe:2.3:a:oracle:mysql:5.5.23
  • Oracle MySQL 5.5.24
    cpe:2.3:a:oracle:mysql:5.5.24
  • Oracle MySQL 5.5.25
    cpe:2.3:a:oracle:mysql:5.5.25
  • Oracle MySQL 5.5.25a
    cpe:2.3:a:oracle:mysql:5.5.25:a
  • Oracle MySQL 5.5.26
    cpe:2.3:a:oracle:mysql:5.5.26
  • Oracle MySQL 5.5.27
    cpe:2.3:a:oracle:mysql:5.5.27
  • Oracle MySQL 5.5.28
    cpe:2.3:a:oracle:mysql:5.5.28
  • Oracle MySQL 5.5.29
    cpe:2.3:a:oracle:mysql:5.5.29
  • Oracle MySQL 5.5.30
    cpe:2.3:a:oracle:mysql:5.5.30
  • Oracle MySQL 5.5.31
    cpe:2.3:a:oracle:mysql:5.5.31
  • Oracle MySQL 5.5.32
    cpe:2.3:a:oracle:mysql:5.5.32
  • Oracle MySQL 5.5.33
    cpe:2.3:a:oracle:mysql:5.5.33
  • Oracle MySQL 5.5.34
    cpe:2.3:a:oracle:mysql:5.5.34
  • Oracle MySQL 5.6.0
    cpe:2.3:a:oracle:mysql:5.6.0
  • Oracle MySQL 5.6.1
    cpe:2.3:a:oracle:mysql:5.6.1
  • Oracle MySQL 5.6.10
    cpe:2.3:a:oracle:mysql:5.6.10
  • Oracle MySQL 5.6.11
    cpe:2.3:a:oracle:mysql:5.6.11
  • Oracle MySQL 5.6.12
    cpe:2.3:a:oracle:mysql:5.6.12
  • Oracle MySQL 5.6.13
    cpe:2.3:a:oracle:mysql:5.6.13
  • Oracle MySQL 5.6.14
    cpe:2.3:a:oracle:mysql:5.6.14
  • Oracle MySQL 5.6.2
    cpe:2.3:a:oracle:mysql:5.6.2
  • Oracle MySQL 5.6.3
    cpe:2.3:a:oracle:mysql:5.6.3
  • Oracle MySQL 5.6.4
    cpe:2.3:a:oracle:mysql:5.6.4
  • Oracle MySQL 5.6.5
    cpe:2.3:a:oracle:mysql:5.6.5
  • Oracle MySQL 5.6.6
    cpe:2.3:a:oracle:mysql:5.6.6
  • Oracle MySQL 5.6.7
    cpe:2.3:a:oracle:mysql:5.6.7
  • Oracle MySQL 5.6.8
    cpe:2.3:a:oracle:mysql:5.6.8
  • Oracle MySQL 5.6.9
    cpe:2.3:a:oracle:mysql:5.6.9
CVSS
Base: 3.5 (as of 16-01-2014 - 10:40)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0035.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - fix date in the test - Fix (CVE-2016-6662, CVE-2016-6663) Resolves: #1397309 - Fixed reload_acl_and_cache Resolves: #1281370 - Add support for TLSv1.1 and TLSv1.2 - Fixed test events_1 (end date in past) Resolves: #1287048
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 96790
    published 2017-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96790
    title OracleVM 3.3 / 3.4 : mysql (OVMSA-2017-0035)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0186.NASL
    description Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 72568
    published 2014-02-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72568
    title RHEL 5 : mysql55-mysql (RHSA-2014:0186)
  • NASL family Databases
    NASL id MYSQL_5_1_73.NASL
    description The version of MySQL installed on the remote host is 5.1.x prior to 5.1.73. It is, therefore, reportedly affected by vulnerabilities in the following components : - Error Handling - InnoDB - Optimizer - Privileges
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 71972
    published 2014-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71972
    title MySQL 5.1.x < 5.1.73 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201409-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-201409-04 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : A local attacker could possibly gain escalated privileges. A remote attacker could send a specially crafted SQL query, possibly resulting in a Denial of Service condition. A remote attacker could entice a user to connect to specially crafted MySQL server, possibly resulting in execution of arbitrary code with the privileges of the process. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77548
    published 2014-09-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77548
    title GLSA-201409-04 : MySQL: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBMYSQL55CLIENT18-140527.NASL
    description MySQL was updated to version 5.5.37 to address various security issues. More information is available at http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml#AppendixMSQL and http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.h tml#AppendixMSQL .
    last seen 2019-02-21
    modified 2014-06-07
    plugin id 74373
    published 2014-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74373
    title SuSE 11.3 Security Update : MySQL (SAT Patch Number 9303)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140212_MYSQL_ON_SL6_X.NASL
    description (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) This update also fixes the following bug : - Prior to this update, MySQL did not check whether a MySQL socket was actually being used by any process before starting the mysqld service. If a particular mysqld service did not exit cleanly while a socket was being used by a process, this socket was considered to be still in use during the next start-up of this service, which resulted in a failure to start the service up. With this update, if a socket exists but is not used by any process, it is ignored during the mysqld service start-up. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 72477
    published 2014-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72477
    title Scientific Linux Security Update : mysql on SL6.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0186.NASL
    description Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 72592
    published 2014-02-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72592
    title CentOS 5 : mysql55-mysql (CESA-2014:0186)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0173.NASL
    description The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0173.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 72863
    published 2014-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72863
    title CentOS 6 : mysql55-mysql (CESA-2014:0173)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0189.NASL
    description The remote CentOS host is missing a security update which has been documented in Red Hat advisory RHSA-2014:0189.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 72864
    published 2014-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72864
    title CentOS 6 : mariadb55-mariadb (CESA-2014:0189)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-091.NASL
    description This update provides MariaDB 5.5.42, which fixes several security issues and other bugs. Please refer to the Oracle Critical Patch Update Advisories and the Release Notes for MariaDB for further information regarding the security vulnerabilities. Additionally the jemalloc packages is being provided as it was previousely provided with the mariadb source code, built and used but removed from the mariadb source code since 5.5.40.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 82344
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82344
    title Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-028.NASL
    description Multiple vulnerabilities has been discovered and corrected in mariadb : Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string (CVE-2014-0001). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB (CVE-2014-0412). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0437). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling (CVE-2013-5908). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication (CVE-2014-0420). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB (CVE-2014-0393). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition (CVE-2013-5891). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2014-0386). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors (CVE-2014-0401). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking (CVE-2014-0402). The updated packages have been upgraded to the 5.5.35 version which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 72495
    published 2014-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72495
    title Mandriva Linux Security Advisory : mariadb (MDVSA-2014:028)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2848.NASL
    description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.35. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 34.html - http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 35.html - http://www.oracle.com/technetwork/topics/security/cpujan 2014-1972949.html
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 72109
    published 2014-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72109
    title Debian DSA-2848-1 : mysql-5.5 - several vulnerabilities
  • NASL family Databases
    NASL id MYSQL_5_6_15.NASL
    description The version of MySQL installed on the remote host is 5.6.x older than 5.6.15. As such, it is reportedly affected by vulnerabilities in the following components : - Error Handling - GIS - InnoDB - Privileges - Optimizer - Replication
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 71976
    published 2014-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71976
    title MySQL 5.6.x < 5.6.15 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0186.NASL
    description From Red Hat Security Advisory 2014:0186 : Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2013-5807, CVE-2013-5891, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437, CVE-2013-3839, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. These updated packages upgrade MySQL to version 5.5.36. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 72566
    published 2014-02-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72566
    title Oracle Linux 5 : mysql55-mysql (ELSA-2014-0186)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL16389.NASL
    description CVE-2013-5908 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. CVE-2014-0401 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. CVE-2014-0437 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. CVE-2014-0393 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. CVE-2014-0386 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. CVE-2014-0412 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. CVE-2014-0402 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 82672
    published 2015-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82672
    title F5 Networks BIG-IP : Multiple MySQL vulnerabilities (K16389)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2845.NASL
    description This DSA updates the MySQL 5.1 database to 5.1.73. This fixes multiple unspecified security problems in MySQL: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 72010
    published 2014-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72010
    title Debian DSA-2845-1 : mysql-5.1 - several vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0164.NASL
    description Updated mysql packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. This update also fixes the following bug : * Prior to this update, MySQL did not check whether a MySQL socket was actually being used by any process before starting the mysqld service. If a particular mysqld service did not exit cleanly while a socket was being used by a process, this socket was considered to be still in use during the next start-up of this service, which resulted in a failure to start the service up. With this update, if a socket exists but is not used by any process, it is ignored during the mysqld service start-up. (BZ#1058719) These updated packages upgrade MySQL to version 5.1.73. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 72491
    published 2014-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72491
    title CentOS 6 : mysql (CESA-2014:0164)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0164.NASL
    description Updated mysql packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. This update also fixes the following bug : * Prior to this update, MySQL did not check whether a MySQL socket was actually being used by any process before starting the mysqld service. If a particular mysqld service did not exit cleanly while a socket was being used by a process, this socket was considered to be still in use during the next start-up of this service, which resulted in a failure to start the service up. With this update, if a socket exists but is not used by any process, it is ignored during the mysqld service start-up. (BZ#1058719) These updated packages upgrade MySQL to version 5.1.73. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 72474
    published 2014-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72474
    title RHEL 6 : mysql (RHSA-2014:0164)
  • NASL family Databases
    NASL id MARIADB_5_5_35.NASL
    description The version of MariaDB 5.5 running on the remote host is a version prior to 5.5.35. It is, therefore, potentially affected by the following vulnerabilities : - Errors exist related to the following subcomponents : Error Handling, FTS, GIS, InnoDB, Locking, Optimizer, Partition, Performance Schema, Privileges, Replication, and Thread Pooling. (CVE-2013-5860, CVE-2013-5881, CVE-2013-5891, CVE-2013-5894, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0427, CVE-2014-0430, CVE-2014-0431, CVE-2014-0433, CVE-2014-0437) - An unspecified error exists related to stored procedures handling that could allow denial of service attacks. (CVE-2013-5882) - An error exists in the file 'client/mysql.cc' that could allow a buffer overflow leading to denial of service or possibly arbitrary code execution. (CVE-2014-0001)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 72374
    published 2014-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72374
    title MariaDB 5.5 < 5.5.35 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0164.NASL
    description From Red Hat Security Advisory 2014:0164 : Updated mysql packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) The CVE-2014-0001 issue was discovered by Garth Mollett of the Red Hat Security Response Team. This update also fixes the following bug : * Prior to this update, MySQL did not check whether a MySQL socket was actually being used by any process before starting the mysqld service. If a particular mysqld service did not exit cleanly while a socket was being used by a process, this socket was considered to be still in use during the next start-up of this service, which resulted in a failure to start the service up. With this update, if a socket exists but is not used by any process, it is ignored during the mysqld service start-up. (BZ#1058719) These updated packages upgrade MySQL to version 5.1.73. Refer to the MySQL Release Notes listed in the References section for a complete list of changes. All MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 72471
    published 2014-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72471
    title Oracle Linux 6 : mysql (ELSA-2014-0164)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2086-1.NASL
    description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-73.html http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-35.html http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.h tml. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 72089
    published 2014-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72089
    title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-2086-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140218_MYSQL55_MYSQL_ON_SL5_X.NASL
    description A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) Upstream does not issue any more security advisories for the MySQL 5.0 packages (mysql-5.0.* and related packages). The only trusted way to upgrade from MySQL 5.0 to MySQL 5.5 is by using MySQL 5.1 as an intermediate step. This is why the mysql51* Software Collection packages are provided. Note that the MySQL 5.1 packages are not supported and are provided only for the purposes of migrating to MySQL 5.5. You should not use the mysql51* packages on any of your production systems. Specific instructions for this migration are provided by the upstream Deployment Guide. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 72569
    published 2014-02-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72569
    title Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-298.NASL
    description This update fixes several vulnerabilities in the MySQL database server. (CVE-2014-0386 , CVE-2014-0393 , CVE-2014-0401 , CVE-2014-0402 , CVE-2014-0412 , CVE-2014-0437 , CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 72946
    published 2014-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72946
    title Amazon Linux AMI : mysql51 (ALAS-2014-298)
  • NASL family Databases
    NASL id MYSQL_5_5_35.NASL
    description The version of MySQL installed on the remote host is version 5.5.x prior to 5.5.35. It is, therefore, potentially affected by vulnerabilities in the following components : - Error Handling - InnoDB - Privileges - Optimizer - Replication
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 71974
    published 2014-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71974
    title MySQL 5.5.x < 5.5.35 Multiple Vulnerabilities
redhat via4
advisories
  • bugzilla
    id 1058719
    title MySQL server does not restart after unclean reboot
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment mysql is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164005
        • comment mysql is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647006
      • AND
        • comment mysql-bench is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164013
        • comment mysql-bench is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647020
      • AND
        • comment mysql-devel is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164009
        • comment mysql-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647008
      • AND
        • comment mysql-embedded is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164011
        • comment mysql-embedded is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647012
      • AND
        • comment mysql-embedded-devel is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164019
        • comment mysql-embedded-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647014
      • AND
        • comment mysql-libs is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164007
        • comment mysql-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647010
      • AND
        • comment mysql-server is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164017
        • comment mysql-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647018
      • AND
        • comment mysql-test is earlier than 0:5.1.73-3.el6_5
          oval oval:com.redhat.rhsa:tst:20140164015
        • comment mysql-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20131647016
    rhsa
    id RHSA-2014:0164
    released 2014-02-12
    severity Moderate
    title RHSA-2014:0164: mysql security and bug fix update (Moderate)
  • bugzilla
    id 1054592
    title CVE-2014-0001 mysql: command-line tool buffer overflow via long server version string
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment mysql55-mysql is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186002
        • comment mysql55-mysql is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186003
      • AND
        • comment mysql55-mysql-bench is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186008
        • comment mysql55-mysql-bench is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186009
      • AND
        • comment mysql55-mysql-devel is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186010
        • comment mysql55-mysql-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186011
      • AND
        • comment mysql55-mysql-libs is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186004
        • comment mysql55-mysql-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186005
      • AND
        • comment mysql55-mysql-server is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186006
        • comment mysql55-mysql-server is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186007
      • AND
        • comment mysql55-mysql-test is earlier than 0:5.5.36-2.el5
          oval oval:com.redhat.rhsa:tst:20140186012
        • comment mysql55-mysql-test is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20140186013
    rhsa
    id RHSA-2014:0186
    released 2014-02-18
    severity Moderate
    title RHSA-2014:0186: mysql55-mysql security update (Moderate)
  • rhsa
    id RHSA-2014:0173
  • rhsa
    id RHSA-2014:0189
rpms
  • mysql-0:5.1.73-3.el6_5
  • mysql-bench-0:5.1.73-3.el6_5
  • mysql-devel-0:5.1.73-3.el6_5
  • mysql-embedded-0:5.1.73-3.el6_5
  • mysql-embedded-devel-0:5.1.73-3.el6_5
  • mysql-libs-0:5.1.73-3.el6_5
  • mysql-server-0:5.1.73-3.el6_5
  • mysql-test-0:5.1.73-3.el6_5
  • mysql55-mysql-0:5.5.36-2.el5
  • mysql55-mysql-bench-0:5.5.36-2.el5
  • mysql55-mysql-devel-0:5.5.36-2.el5
  • mysql55-mysql-libs-0:5.5.36-2.el5
  • mysql55-mysql-server-0:5.5.36-2.el5
  • mysql55-mysql-test-0:5.5.36-2.el5
refmap via4
bid
  • 64758
  • 64849
confirm http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
debian
  • DSA-2845
  • DSA-2848
gentoo GLSA-201409-04
osvdb 102074
secunia
  • 56491
  • 56541
  • 56580
ubuntu USN-2086-1
xf oracle-cpujan2014-cve20140437(90385)
Last major update 06-01-2017 - 21:59
Published 15-01-2014 - 11:08
Last modified 28-08-2017 - 21:34
Back to Top