ID CVE-2017-3244
Summary Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).
References
Vulnerable Configurations
  • Oracle MySQL 5.5.53
    cpe:2.3:a:oracle:mysql:5.5.53
  • Oracle MySQL 5.6.34
    cpe:2.3:a:oracle:mysql:5.6.34
  • Oracle MySQL 5.7.16
    cpe:2.3:a:oracle:mysql:5.7.16
CVSS
Base: 4.0 (as of 30-01-2017 - 23:02)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3174-1.NASL
    description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.54 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 16.10 have been updated to MySQL 5.7.17. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727 .html. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 96656
    published 2017-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96656
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : mysql-5.5, mysql-5.7 vulnerabilities (USN-3174-1)
  • NASL family Databases
    NASL id MYSQL_5_6_35.NASL
    description The version of MySQL running on the remote host is 5.6.x prior to 5.6.35. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95878
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95878
    title MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities (January 2017 CPU)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2017-018-01.NASL
    description New mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues.
    last seen 2018-09-01
    modified 2018-07-26
    plugin id 96612
    published 2017-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96612
    title Slackware 14.1 / 14.2 / current : mariadb (SSA:2017-018-01)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-797.NASL
    description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-54.html http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727 .html For Debian 7 'Wheezy', these problems have been fixed in version 5.5.54-0+deb7u1. We recommend that you upgrade your mysql-5.5 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-13
    plugin id 96732
    published 2017-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96732
    title Debian DLA-797-1 : mysql-5.5 security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0411-1.NASL
    description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe's ledir (bsc#1020884) - CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885) - CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875) - CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878) - CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877) - CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891) - CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882) - CVE-2016-6664: Root Privilege Escalation (bsc#1008253) - Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428) - notable changes : - XtraDB updated to 5.6.34-79.1 - TokuDB updated to 5.6.34-79.1 - Innodb updated to 5.6.35 - Performance Schema updated to 5.6.35 Release notes and changelog : - https://kb.askmonty.org/en/mariadb-10029-release-notes - https://kb.askmonty.org/en/mariadb-10029-changelog Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-30
    plugin id 97063
    published 2017-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97063
    title SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:0411-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0412-1.NASL
    description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe's ledir (bsc#1020884) - CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885) - CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875) - CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878) - CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877) - CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891) - CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882) - CVE-2016-6664: Root Privilege Escalation (bsc#1008253) - Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428) - notable changes : - XtraDB updated to 5.6.34-79.1 - TokuDB updated to 5.6.34-79.1 - Innodb updated to 5.6.35 - Performance Schema updated to 5.6.35 Release notes and changelog : - https://kb.askmonty.org/en/mariadb-10029-release-notes - https://kb.askmonty.org/en/mariadb-10029-changelog Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-30
    plugin id 97064
    published 2017-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97064
    title SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2017:0412-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170801_MARIADB_ON_SL7_X.NASL
    description The following packages have been upgraded to a later upstream version: mariadb (5.5.56). Security Fix(es) : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464)
    last seen 2019-01-16
    modified 2018-12-27
    plugin id 102648
    published 2017-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102648
    title Scientific Linux Security Update : mariadb on SL7.x x86_64
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_4D2F9D09DDB711E6A9A5B499BAEBFEAF.NASL
    description Oracle reports : No further details have been provided in the Critical Patch Update
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 96618
    published 2017-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96618
    title FreeBSD : mysql -- multiple vulnerabilities (4d2f9d09-ddb7-11e6-a9a5-b499baebfeaf)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1169.NASL
    description According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) - This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-14
    plugin id 103007
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103007
    title EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2017-1169)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-2192.NASL
    description From Red Hat Security Advisory 2017:2192 : An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
    last seen 2019-01-16
    modified 2018-07-26
    plugin id 102299
    published 2017-08-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102299
    title Oracle Linux 7 : mariadb (ELSA-2017-2192)
  • NASL family Databases
    NASL id MYSQL_5_5_54.NASL
    description The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the Charsets subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3243) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95876
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95876
    title MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-789.NASL
    description The following security-related issues were fixed : CVE-2017-3238 Server: Optimizer unspecified vulnerability CVE-2017-3243 Server: Charsets unspecified vulnerability CVE-2017-3244 Server: DML unspecified vulnerability CVE-2017-3258 Server: DDL unspecified vulnerability CVE-2017-3313 Server: MyISAM unspecified vulnerability CVE-2017-3317 Logging unspecified vulnerability CVE-2017-3318 Server: Error Handling unspecified vulnerability
    last seen 2018-09-01
    modified 2018-04-18
    plugin id 96807
    published 2017-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96807
    title Amazon Linux AMI : mysql55 (ALAS-2017-789)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3770.NASL
    description Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.29. Please see the MariaDB 10.0 Release Notes for further details : - https://mariadb.com/kb/en/mariadb/mariadb-10029-release- notes/
    last seen 2019-01-16
    modified 2018-11-19
    plugin id 96669
    published 2017-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96669
    title Debian DSA-3770-1 : mariadb-10.0 - security update
  • NASL family Databases
    NASL id MYSQL_5_5_54_RPM.NASL
    description The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the Charsets subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3243) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95877
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95877
    title MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-790.NASL
    description The following security-related issues were fixed : CVE-2016-8318 Server: Security: Encryption unspecified vulnerability CVE-2016-8327 Server: Replication unspecified vulnerability CVE-2017-3238 Server: Optimizer unspecified vulnerability CVE-2017-3244 Server: DML unspecified vulnerability CVE-2017-3257 Server: InnoDB unspecified vulnerability CVE-2017-3258 Server: DDL unspecified vulnerability CVE-2017-3273 Server: DDL unspecified vulnerability CVE-2017-3313 Server: MyISAM unspecified vulnerability CVE-2017-3317 Logging unspecified vulnerability CVE-2017-3318 Server: Error Handling unspecified vulnerability
    last seen 2018-09-02
    modified 2018-04-18
    plugin id 96808
    published 2017-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96808
    title Amazon Linux AMI : mysql56 (ALAS-2017-790)
  • NASL family Databases
    NASL id MYSQL_5_7_17.NASL
    description The version of MySQL running on the remote host is 5.7.x prior to 5.7.17. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238, CVE-2017-3251) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3256) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3319) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3320) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3646) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95880
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95880
    title MySQL 5.7.x < 5.7.17 Multiple Vulnerabilities (January 2017 CPU) (July 2017 CPU)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3767.NASL
    description Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.54, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : - https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5 -54.html - http://www.oracle.com/technetwork/security-advisory/cpuj an2017-2881727.html
    last seen 2019-01-16
    modified 2018-11-13
    plugin id 96638
    published 2017-01-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96638
    title Debian DSA-3767-1 : mysql-5.5 - security update
  • NASL family Databases
    NASL id MYSQL_5_6_35_RPM.NASL
    description The version of MySQL running on the remote host is 5.6.x prior to 5.6.35. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95879
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95879
    title MySQL 5.6.x < 5.6.35 Multiple Vulnerabilities (January 2017 CPU)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-258.NASL
    description mysql-community-server was updated to version 5.6.35 to fix bugs and security issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html - Fixed CVEs: CVE-2016-8318 [boo#1020872], CVE-2017-3312 [boo#1020873], CVE-2017-3258 [boo#1020875], CVE-2017-3273 [boo#1020876], CVE-2017-3244 [boo#1020877], CVE-2017-3257 [boo#1020878], CVE-2017-3238 [boo#1020882], CVE-2017-3291 [boo#1020884], CVE-2017-3265 [boo#1020885], CVE-2017-3313 [boo#1020890], CVE-2016-8327 [boo#1020893], CVE-2017-3317 [boo#1020894], CVE-2017-3318 [boo#1020896]
    last seen 2019-01-16
    modified 2018-11-19
    plugin id 97278
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97278
    title openSUSE Security Update : mysql-community-server (openSUSE-2017-258)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1170.NASL
    description According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) - A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) - Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) - It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) - Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) - A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) - This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-14
    plugin id 103008
    published 2017-09-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103008
    title EulerOS 2.0 SP2 : mariadb (EulerOS-SA-2017-1170)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2192.NASL
    description An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 102152
    published 2017-08-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102152
    title RHEL 7 : mariadb (RHSA-2017:2192)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201702-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-201702-17 (MySQL: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly escalate privileges, gain access to critical data or complete access to all MySQL server accessible data, or cause a Denial of Service condition via unspecified vectors. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2017-02-21
    plugin id 97260
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97260
    title GLSA-201702-17 : MySQL: Multiple vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201702-18.NASL
    description The remote host is affected by the vulnerability described in GLSA-201702-18 (MariaDB: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MariaDB. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly escalate privileges, gain access to critical data or complete access to all MariaDB Server accessible data, or cause a Denial of Service condition via unspecified vectors. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-26
    plugin id 97261
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97261
    title GLSA-201702-18 : MariaDB: Multiple vulnerabilities
  • NASL family Databases
    NASL id MYSQL_5_7_17_RPM.NASL
    description The version of MySQL running on the remote host is 5.7.x prior to 5.7.17. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8318) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2016-8327) - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3238, CVE-2017-3251) - An unspecified flaw exists in the DML subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3244) - An unspecified flaw exists in the Replication subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3256) - An unspecified flaw exists in the InnoDB subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3257) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3258) - An unspecified flaw exists in the Packaging subcomponent that allows a local attacker to impact confidentiality and availability. (CVE-2017-3265) - An unspecified flaw exists in the DDL subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3273) - Multiple unspecified flaws exist in the Packaging subcomponent that allow a local attacker to gain elevated privileges. (CVE-2017-3291, CVE-2017-3312) - An unspecified flaw exists in the MyISAM subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3313) - An unspecified flaw exists in the Logging subcomponent that allows a local attacker to cause a denial of service condition. (CVE-2017-3317) - An unspecified flaw exists in the Error Handling subcomponent that allows a local attacker to disclose sensitive information. (CVE-2017-3318) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3319) - An unspecified flaw exists in the Security: Encryption subcomponent that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2017-3320) - An unspecified flaw exists in the X Plugin subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3646) - A local privilege escalation vulnerability exists in the mysqld_safe component due to unsafe use of the 'rm' and 'chown' commands. A local attacker can exploit this to gain elevated privileges. - An unspecified flaw exists in the mysqld_safe component that allows an authenticated, remote attacker to have an unspecified impact. - An overflow condition exists in the Optimizer component due to improper validation of user-supplied input when handling nested expressions. An authenticated, remote attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition. - An unspecified flaw exists when handling a CREATE TABLE query with a DATA DIRECTORY clause. An authenticated, remote attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 95881
    published 2016-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95881
    title MySQL 5.7.x < 5.7.17 Multiple Vulnerabilities (January 2017 CPU) (July 2017 CPU)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-257.NASL
    description This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: unrestricted mysqld_safe's ledir (bsc#1020884) - CVE-2017-3265: unsafe chmod/chown use in init script (bsc#1020885) - CVE-2017-3258: unspecified vulnerability in the DDL component (bsc#1020875) - CVE-2017-3257: unspecified vulnerability affecting InnoDB (bsc#1020878) - CVE-2017-3244: unspecified vulnerability affecing the DML component (bsc#1020877) - CVE-2017-3243: unspecified vulnerability affecting the Charsets component (bsc#1020891) - CVE-2017-3238: unspecified vulnerability affecting the Optimizer component (bsc#1020882) - CVE-2016-6664: Root Privilege Escalation (bsc#1008253) - Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428) - notable changes : - XtraDB updated to 5.6.34-79.1 - TokuDB updated to 5.6.34-79.1 - Innodb updated to 5.6.35 - Performance Schema updated to 5.6.35 Release notes and changelog : - https://kb.askmonty.org/en/mariadb-10029-release-notes - https://kb.askmonty.org/en/mariadb-10029-changelog This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-01-16
    modified 2018-11-19
    plugin id 97277
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97277
    title openSUSE Security Update : mariadb (openSUSE-2017-257)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0408-1.NASL
    description This mysql version update to 5.5.54 fixes the following issues : - CVE-2017-3318: Unspecified vulnerability affecting Error Handling (bsc#1020896) - CVE-2017-3317: Unspecified vulnerability affecting Logging (bsc#1020894) - CVE-2017-3313: Unspecified vulnerability affecting the MyISAM component (bsc#1020890) - CVE-2017-3312: Insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 (bsc#1020873) - CVE-2017-3291: Unrestricted mysqld_safe's ledir (bsc#1020884) - CVE-2017-3265: Unsafe chmod/chown use in init script (bsc#1020885) - CVE-2017-3258: Unspecified vulnerability in the DDL component (bsc#1020875) - CVE-2017-3244: Unspecified vulnerability affecing the DML component (bsc#1020877) - CVE-2017-3243: Unspecified vulnerability affecting the Charsets component (bsc#1020891) - CVE-2017-3238: Unspecified vulnerability affecting the Optimizer component (bsc#1020882) - Applications using the client library for MySQL (libmysqlclient.so) had a use-after-free issue that could cause the applications to crash (bsc#1022428) Release Notes: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5- 54.html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-30
    plugin id 97046
    published 2017-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97046
    title SUSE SLES11 Security Update : mysql (SUSE-SU-2017:0408-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-315.NASL
    description mysql-community-server was updated to version 5.6.35 to fix bugs and security issues : - Changes http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6- 35.html - Fixed CVEs: CVE-2016-8318 [boo#1020872], CVE-2017-3312 [boo#1020873], CVE-2017-3258 [boo#1020875], CVE-2017-3273 [boo#1020876], CVE-2017-3244 [boo#1020877], CVE-2017-3257 [boo#1020878], CVE-2017-3238 [boo#1020882], CVE-2017-3291 [boo#1020884], CVE-2017-3265 [boo#1020885], CVE-2017-3313 [boo#1020890], CVE-2016-8327 [boo#1020893], CVE-2017-3317 [boo#1020894], CVE-2017-3318 [boo#1020896]
    last seen 2019-01-16
    modified 2018-11-19
    plugin id 97569
    published 2017-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97569
    title openSUSE Security Update : mysql-community-server (openSUSE-2017-315)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-2192.NASL
    description An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb (5.5.56). (BZ#1458933) Security Fix(es) : * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database backup created using the mysqldump tool. (CVE-2016-5483, CVE-2017-3600) * A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root. (CVE-2016-5617, CVE-2016-6664) * Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3265) * It was discovered that the mysqld_safe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root. (CVE-2017-3291) * Multiple flaws were found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root. (CVE-2017-3312) * A flaw was found in the way MySQL client library (libmysqlclient) handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient. (CVE-2017-3302) * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3258, CVE-2017-3308, CVE-2017-3309, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464) Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 102755
    published 2017-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102755
    title CentOS 7 : mariadb (CESA-2017:2192)
redhat via4
advisories
  • rhsa
    id RHSA-2017:2192
  • rhsa
    id RHSA-2017:2787
  • rhsa
    id RHSA-2017:2886
  • rhsa
    id RHSA-2018:0279
  • rhsa
    id RHSA-2018:0574
rpms
  • mariadb-1:5.5.56-2.el7
  • mariadb-bench-1:5.5.56-2.el7
  • mariadb-devel-1:5.5.56-2.el7
  • mariadb-embedded-1:5.5.56-2.el7
  • mariadb-embedded-devel-1:5.5.56-2.el7
  • mariadb-libs-1:5.5.56-2.el7
  • mariadb-server-1:5.5.56-2.el7
  • mariadb-test-1:5.5.56-2.el7
refmap via4
bid 95565
confirm http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
debian
  • DSA-3767
  • DSA-3770
gentoo
  • GLSA-201702-17
  • GLSA-201702-18
sectrack 1037640
Last major update 31-01-2017 - 11:35
Published 27-01-2017 - 17:59
Last modified 22-03-2018 - 21:29
Back to Top