7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.952 High
EPSS
Percentile
99.3%
Issue Overview:
This update fixes several vulnerabilities in the MySQL database server. (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908)
A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001)
Affected Packages:
mysql51
Issue Correction:
Run yum update mysql51 to update your system.
New Packages:
i686:
mysql51-embedded-5.1.73-3.68.amzn1.i686
mysql51-common-5.1.73-3.68.amzn1.i686
mysql51-5.1.73-3.68.amzn1.i686
mysql51-devel-5.1.73-3.68.amzn1.i686
mysql51-server-5.1.73-3.68.amzn1.i686
mysql51-bench-5.1.73-3.68.amzn1.i686
mysql51-debuginfo-5.1.73-3.68.amzn1.i686
mysql51-test-5.1.73-3.68.amzn1.i686
mysql51-embedded-devel-5.1.73-3.68.amzn1.i686
mysql51-libs-5.1.73-3.68.amzn1.i686
src:
mysql51-5.1.73-3.68.amzn1.src
x86_64:
mysql51-server-5.1.73-3.68.amzn1.x86_64
mysql51-libs-5.1.73-3.68.amzn1.x86_64
mysql51-test-5.1.73-3.68.amzn1.x86_64
mysql51-debuginfo-5.1.73-3.68.amzn1.x86_64
mysql51-embedded-devel-5.1.73-3.68.amzn1.x86_64
mysql51-embedded-5.1.73-3.68.amzn1.x86_64
mysql51-bench-5.1.73-3.68.amzn1.x86_64
mysql51-devel-5.1.73-3.68.amzn1.x86_64
mysql51-common-5.1.73-3.68.amzn1.x86_64
mysql51-5.1.73-3.68.amzn1.x86_64
Red Hat: CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437
Mitre: CVE-2013-5908, CVE-2014-0001, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | mysql51-embedded | < 5.1.73-3.68.amzn1 | mysql51-embedded-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-common | < 5.1.73-3.68.amzn1 | mysql51-common-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51 | < 5.1.73-3.68.amzn1 | mysql51-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-devel | < 5.1.73-3.68.amzn1 | mysql51-devel-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-server | < 5.1.73-3.68.amzn1 | mysql51-server-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-bench | < 5.1.73-3.68.amzn1 | mysql51-bench-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-debuginfo | < 5.1.73-3.68.amzn1 | mysql51-debuginfo-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-test | < 5.1.73-3.68.amzn1 | mysql51-test-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-embedded-devel | < 5.1.73-3.68.amzn1 | mysql51-embedded-devel-5.1.73-3.68.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql51-libs | < 5.1.73-3.68.amzn1 | mysql51-libs-5.1.73-3.68.amzn1.i686.rpm |