ID CVE-2015-0432
Summary Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
References
Vulnerable Configurations
  • Oracle Solaris 11.3
    cpe:2.3:o:oracle:solaris:11.3
  • Novell SUSE Linux Enterprise Desktop 11.0 Service Pack 3
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.10
    cpe:2.3:o:canonical:ubuntu_linux:14.10
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Oracle MySQL 5.5.40
    cpe:2.3:a:oracle:mysql:5.5.40
  • RedHat Enterprise Linux HPC Node 7.0
    cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
CVSS
Base: 4.0 (as of 20-10-2016 - 12:49)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
redhat via4
advisories
  • bugzilla
    id 1184561
    title CVE-2015-0432 mysql: unspecified vulnerability related to Server:InnoDB:DDL:Foreign Key (CPU Jan 2015)
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment mariadb is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118005
        • comment mariadb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702006
      • AND
        • comment mariadb-bench is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118015
        • comment mariadb-bench is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702012
      • AND
        • comment mariadb-devel is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118019
        • comment mariadb-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702018
      • AND
        • comment mariadb-embedded is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118013
        • comment mariadb-embedded is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702014
      • AND
        • comment mariadb-embedded-devel is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118007
        • comment mariadb-embedded-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702010
      • AND
        • comment mariadb-libs is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118011
        • comment mariadb-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702008
      • AND
        • comment mariadb-server is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118017
        • comment mariadb-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702020
      • AND
        • comment mariadb-test is earlier than 1:5.5.41-2.el7_0
          oval oval:com.redhat.rhsa:tst:20150118009
        • comment mariadb-test is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20140702016
    rhsa
    id RHSA-2015:0118
    released 2015-02-03
    severity Moderate
    title RHSA-2015:0118: mariadb security update (Moderate)
  • rhsa
    id RHSA-2015:0116
  • rhsa
    id RHSA-2015:0117
  • rhsa
    id RHSA-2015:1628
rpms
  • mariadb-1:5.5.41-2.el7_0
  • mariadb-bench-1:5.5.41-2.el7_0
  • mariadb-devel-1:5.5.41-2.el7_0
  • mariadb-embedded-1:5.5.41-2.el7_0
  • mariadb-embedded-devel-1:5.5.41-2.el7_0
  • mariadb-libs-1:5.5.41-2.el7_0
  • mariadb-server-1:5.5.41-2.el7_0
  • mariadb-test-1:5.5.41-2.el7_0
  • mysql55-mysql-0:5.5.45-1.el5
  • mysql55-mysql-bench-0:5.5.45-1.el5
  • mysql55-mysql-devel-0:5.5.45-1.el5
  • mysql55-mysql-libs-0:5.5.45-1.el5
  • mysql55-mysql-server-0:5.5.45-1.el5
  • mysql55-mysql-test-0:5.5.45-1.el5
refmap via4
bid 72217
confirm
debian DSA-3135
fedora FEDORA-2015-1162
gentoo GLSA-201504-05
sectrack 1031581
secunia
  • 62728
  • 62730
  • 62732
suse SUSE-SU-2015:0743
ubuntu USN-2480-1
xf oracle-cpujan2015-cve20150432(100187)
Last major update 02-01-2017 - 21:59
Published 21-01-2015 - 14:59
Last modified 07-09-2017 - 21:29
Back to Top