Low: mysql51

2013-11-0312:08:00

alas.aws.amazon.com

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

Issue Overview:

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Affected Packages:

mysql51

Issue Correction:
Run yum update mysql51 to update your system.

New Packages:

i686:  
    mysql51-common-5.1.72-1.64.amzn1.i686  
    mysql51-embedded-devel-5.1.72-1.64.amzn1.i686  
    mysql51-5.1.72-1.64.amzn1.i686  
    mysql51-devel-5.1.72-1.64.amzn1.i686  
    mysql51-debuginfo-5.1.72-1.64.amzn1.i686  
    mysql51-libs-5.1.72-1.64.amzn1.i686  
    mysql51-embedded-5.1.72-1.64.amzn1.i686  
    mysql51-bench-5.1.72-1.64.amzn1.i686  
    mysql51-test-5.1.72-1.64.amzn1.i686  
    mysql51-server-5.1.72-1.64.amzn1.i686  
  
src:  
    mysql51-5.1.72-1.64.amzn1.src  
  
x86_64:  
    mysql51-common-5.1.72-1.64.amzn1.x86_64  
    mysql51-embedded-devel-5.1.72-1.64.amzn1.x86_64  
    mysql51-server-5.1.72-1.64.amzn1.x86_64  
    mysql51-test-5.1.72-1.64.amzn1.x86_64  
    mysql51-libs-5.1.72-1.64.amzn1.x86_64  
    mysql51-5.1.72-1.64.amzn1.x86_64  
    mysql51-bench-5.1.72-1.64.amzn1.x86_64  
    mysql51-debuginfo-5.1.72-1.64.amzn1.x86_64  
    mysql51-devel-5.1.72-1.64.amzn1.x86_64  
    mysql51-embedded-5.1.72-1.64.amzn1.x86_64

Additional References

Red Hat: CVE-2013-3839

Mitre: CVE-2013-3839

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686mysql51-common< 5.1.72-1.64.amzn1mysql51-common-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-embedded-devel< 5.1.72-1.64.amzn1mysql51-embedded-devel-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51< 5.1.72-1.64.amzn1mysql51-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-devel< 5.1.72-1.64.amzn1mysql51-devel-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-debuginfo< 5.1.72-1.64.amzn1mysql51-debuginfo-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-libs< 5.1.72-1.64.amzn1mysql51-libs-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-embedded< 5.1.72-1.64.amzn1mysql51-embedded-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-bench< 5.1.72-1.64.amzn1mysql51-bench-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-test< 5.1.72-1.64.amzn1mysql51-test-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux1i686mysql51-server< 5.1.72-1.64.amzn1mysql51-server-5.1.72-1.64.amzn1.i686.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	i686	mysql51-common	< 5.1.72-1.64.amzn1	mysql51-common-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-embedded-devel	< 5.1.72-1.64.amzn1	mysql51-embedded-devel-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51	< 5.1.72-1.64.amzn1	mysql51-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-devel	< 5.1.72-1.64.amzn1	mysql51-devel-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-debuginfo	< 5.1.72-1.64.amzn1	mysql51-debuginfo-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-libs	< 5.1.72-1.64.amzn1	mysql51-libs-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-embedded	< 5.1.72-1.64.amzn1	mysql51-embedded-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-bench	< 5.1.72-1.64.amzn1	mysql51-bench-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-test	< 5.1.72-1.64.amzn1	mysql51-test-5.1.72-1.64.amzn1.i686.rpm
Amazon Linux	1	i686	mysql51-server	< 5.1.72-1.64.amzn1	mysql51-server-5.1.72-1.64.amzn1.i686.rpm