{"id": "CVE-2012-1690", "bulletinFamily": "NVD", "title": "CVE-2012-1690", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.", "published": "2012-05-03T18:55:02", "modified": "2017-12-06T21:29:11", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "reporter": "NVD", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securitytracker.com/id?1026934", "http://www.securityfocus.com/bid/53074"], "cvelist": ["CVE-2012-1690"], "type": "cve", "lastseen": "2017-12-07T12:34:06", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "cvelist": ["CVE-2012-1690"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.", "edition": 2, "enchantments": {}, "hash": "ebaf9009542a4bac375bfb7be15fc735332603768259271e9a3ace2560ec1190", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a01a7b9bc23559e12abe544130658da8", "key": "cvelist"}, {"hash": "d5876ab54be3ea97df067db91295712f", "key": "modified"}, {"hash": "273a0cfef512556a89d9d2d6d4092cb7", "key": "href"}, {"hash": "7dd98ddd3b39c629315590ce4291a98f", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "45aed28972c76ea303e73448b23d0a7a", "key": "description"}, {"hash": "0896bb452cd363302f503157a94a17b6", "key": "title"}, {"hash": "58572bce3ce694426f9b3b8f1167a734", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "dd12e4b9f978bfbab06061612944618f", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "id": "CVE-2012-1690", "lastseen": "2017-04-18T15:53:20", "modified": "2016-11-21T22:00:36", "objectVersion": "1.2", "published": "2012-05-03T18:55:02", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securityfocus.com/bid/53074"], "reporter": "NVD", "scanner": [], "title": "CVE-2012-1690", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 2, "lastseen": "2017-04-18T15:53:20"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "cvelist": ["CVE-2012-1690"], "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.", "edition": 1, "hash": "cceb28dd335508cfc7fa2772d69aabb1373b35751ae2ee2b20a83b8be011aa0e", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "a01a7b9bc23559e12abe544130658da8", "key": "cvelist"}, {"hash": "273a0cfef512556a89d9d2d6d4092cb7", "key": "href"}, {"hash": "783a27b3a225036e05b36e92b65665b6", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "7dd98ddd3b39c629315590ce4291a98f", "key": "cpe"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "0896bb452cd363302f503157a94a17b6", "key": "title"}, {"hash": "58572bce3ce694426f9b3b8f1167a734", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f66e2ccac788ae042f3b852b7c102054", "key": "description"}, {"hash": "3acd5c52298d52c7e188feeb289548b8", "key": "cvss"}, {"hash": "dd12e4b9f978bfbab06061612944618f", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1690", "id": "CVE-2012-1690", "lastseen": "2016-09-03T16:26:48", "modified": "2014-02-20T23:50:00", "objectVersion": "1.2", "published": "2012-05-03T18:55:02", "references": ["http://security.gentoo.org/glsa/glsa-201308-06.xml", "http://rhn.redhat.com/errata/RHSA-2012-1462.html", "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "http://www.securityfocus.com/bid/53074"], "reporter": "NVD", "scanner": [], "title": "CVE-2012-1690", "type": "cve", "viewCount": 0}, "differentElements": ["description", "modified"], "edition": 1, "lastseen": "2016-09-03T16:26:48"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "7dd98ddd3b39c629315590ce4291a98f"}, {"key": "cvelist", "hash": "a01a7b9bc23559e12abe544130658da8"}, {"key": "cvss", "hash": "3acd5c52298d52c7e188feeb289548b8"}, {"key": "description", "hash": "45aed28972c76ea303e73448b23d0a7a"}, {"key": "href", "hash": "273a0cfef512556a89d9d2d6d4092cb7"}, {"key": "modified", "hash": "d88121df9d3cde2dd481d4aa554ba47e"}, {"key": "published", "hash": "58572bce3ce694426f9b3b8f1167a734"}, {"key": "references", "hash": "3ae4abf335c9087a6dc82013e5f63f73"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "0896bb452cd363302f503157a94a17b6"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "6b867a47dcfd559d3a669ecd242c24f8c931b92f0203a9e4524113e4dd0a950f", "viewCount": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2017-12-07T12:34:06"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:oracle:mysql:5.5.16", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:oracle:mysql:5.1.52:sp1", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:oracle:mysql:5.5.13", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:oracle:mysql:5.1.61", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:oracle:mysql:5.1.55", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:oracle:mysql:5.5.10", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:oracle:mysql:5.5.18", "cpe:/a:oracle:mysql:5.5.19", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:oracle:mysql:5.1.51", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:oracle:mysql:5.5.14", "cpe:/a:oracle:mysql:5.1.60", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:oracle:mysql:5.5.15", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.5.8", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:oracle:mysql:5.1.52", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:oracle:mysql:5.1.59", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:oracle:mysql:5.1.53", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:oracle:mysql:5.1.54", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.9", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:oracle:mysql:5.1.57", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:oracle:mysql:5.1.56", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:oracle:mysql:5.5.11", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.5.7", "cpe:/a:oracle:mysql:5.5.20", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.5.6", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:oracle:mysql:5.1.58", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:oracle:mysql:5.5.12", "cpe:/a:oracle:mysql:5.5.17", "cpe:/a:oracle:mysql:5.5.21", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"openvas": [{"lastseen": "2018-10-22T16:36:28", "references": ["http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL", "http://secunia.com/advisories/48890"], "pluginID": "1361412562310812180", "description": "The host is running MySQL and is prone\n to multiple unspecified vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2017 Greenbone Networks GmbH", "published": "2017-11-23T00:00:00", "title": "MySQL Server Components Multiple Unspecified Vulnerabilities", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703"], "modified": "2018-10-19T00:00:00", "id": "OPENVAS:1361412562310812180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mysql_server_components_mult_unspec_vuln_lin.nasl 11989 2018-10-19 11:25:26Z cfischer $\n#\n# MySQL Server Components Multiple Unspecified Vulnerabilities (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812180\");\n script_version(\"$Revision: 11989 $\");\n script_cve_id(\"CVE-2012-1690\", \"CVE-2012-1688\", \"CVE-2012-1703\");\n script_bugtraq_id(53074, 53067, 53058);\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 13:25:26 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-11-23 14:48:53 +0530 (Thu, 23 Nov 2017)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_name(\"MySQL Server Components Multiple Unspecified Vulnerabilities\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48890\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow\n remote authenticated users to affect availability via unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"MySQL version 5.1.x before 5.1.62\n and 5.5.x before 5.5.22\");\n\n script_tag(name:\"insight\", value:\"Multiple unspecified error in Server\n Optimizer and Server DML components.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"summary\", value:\"The host is running MySQL and is prone\n to multiple unspecified vulnerabilities.\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!sqlPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:sqlPort, exit_no_version:TRUE)) exit(0);\nmysqlVer = infos['version'];\nmysqlPath = infos['location'];\n\nif(mysqlVer && mysqlVer =~ \"^(5\\.(1|5))\")\n{\n if(version_in_range(version:mysqlVer, test_version:\"5.1\", test_version2:\"5.1.61\") ||\n version_in_range(version:mysqlVer, test_version:\"5.5\", test_version2:\"5.5.21\"))\n {\n report = report_fixed_ver( installed_version:mysqlVer, fixed_version: \"Apply the patch\", install_path:mysqlPath );\n security_message(port:sqlPort, data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:41:43", "references": ["http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL", "http://secunia.com/advisories/48890"], "pluginID": "1361412562310803808", "description": "The host is running MySQL and is prone to multiple unspecified\n vulnerabilities.", "edition": 9, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-04T00:00:00", "title": "MySQL Server Components Multiple Unspecified Vulnerabilities", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803808", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803808", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mysql_server_components_mult_unspec_vuln.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# MySQL Server Components Multiple Unspecified Vulnerabilities\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803808\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2012-1690\", \"CVE-2012-1688\", \"CVE-2012-1703\");\n script_bugtraq_id(53074, 53067, 53058);\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-04 13:12:18 +0530 (Tue, 04 Jun 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_name(\"MySQL Server Components Multiple Unspecified Vulnerabilities\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/48890\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#AppendixMSQL\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote authenticated users to affect\n availability via unknown vectors.\");\n script_tag(name:\"affected\", value:\"MySQL version 5.1.x before 5.1.62 and 5.5.x before 5.5.22\");\n script_tag(name:\"insight\", value:\"Multiple unspecified error in Server Optimizer and Server DML components.\");\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n script_tag(name:\"summary\", value:\"The host is running MySQL and is prone to multiple unspecified\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!sqlPort = get_app_port(cpe:CPE)) exit(0);\nmysqlVer = get_app_version(cpe:CPE, port:sqlPort);\n\nif(mysqlVer && mysqlVer =~ \"^(5\\.(1|5))\")\n{\n if(version_in_range(version:mysqlVer, test_version:\"5.1\", test_version2:\"5.1.61\") ||\n version_in_range(version:mysqlVer, test_version:\"5.5\", test_version2:\"5.5.21\"))\n {\n security_message(sqlPort);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:39", "references": [], "pluginID": "71475", "description": "The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-08-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Debian Security Advisory DSA 2496-1 (mysql-5.1)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2122"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=71475", "id": "OPENVAS:71475", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2496_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2496-1 (mysql-5.1)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.63, which includes additional changes, such as performance\nimprovements and corrections for data loss defects. These changes are\ndescribed in the MySQL release notes at:\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\n\nCVE-2012-2122, an authentication bypass vulnerability, occurs only when\nMySQL has been built in with certain optimisations enabled. The packages\nin Debian stable (squeeze) are not known to be affected by this\nvulnerability. It is addressed in this update nonetheless, so future\nrebuilds will not become vulnerable to this issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 5.1.63-0+squeeze1.\n\nFor the testing distribution (wheezy), these problems has been fixed\nin version 5.1.62-1 of the mysql-5.1 package and version 5.5.24+dfsg-1\nof the mysql-5.5 package.\n\nWe recommend that you upgrade your MySQL packages.\";\ntag_summary = \"The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202496-1\";\n\nif(description)\n{\n script_id(71475);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-2122\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:25 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2496-1 (mysql-5.1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:00:48", "references": [], "pluginID": "136141256231071475", "description": "The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-08-10T00:00:00", "title": "Debian Security Advisory DSA 2496-1 (mysql-5.1)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2122"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231071475", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071475", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2496_1.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from advisory DSA 2496-1 (mysql-5.1)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.63, which includes additional changes, such as performance\nimprovements and corrections for data loss defects. These changes are\ndescribed in the MySQL release notes at:\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\n\nCVE-2012-2122, an authentication bypass vulnerability, occurs only when\nMySQL has been built in with certain optimisations enabled. The packages\nin Debian stable (squeeze) are not known to be affected by this\nvulnerability. It is addressed in this update nonetheless, so future\nrebuilds will not become vulnerable to this issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 5.1.63-0+squeeze1.\n\nFor the testing distribution (wheezy), these problems has been fixed\nin version 5.1.62-1 of the mysql-5.1 package and version 5.5.24+dfsg-1\nof the mysql-5.5 package.\n\nWe recommend that you upgrade your MySQL packages.\";\ntag_summary = \"The remote host is missing an update to mysql-5.1\nannounced via advisory DSA 2496-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202496-1\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71475\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-2122\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:06:25 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2496-1 (mysql-5.1)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.63-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:56:48", "references": ["http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html", "2012:1462"], "pluginID": "881538", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CentOS Update for mysql CESA-2012:1462 centos6 ", "type": "openvas", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-01-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881538", "id": "OPENVAS:881538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mysql CESA-2012:1462 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n This update fixes several vulnerabilities in the MySQL database server.\n Information about these flaws can be found on the Oracle Critical Patch\n Update Advisory pages, listed in the References section. (CVE-2012-1688,\n CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\n CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\n CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\n CVE-2012-3160)\n \n These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\n release notes listed in the References section for a full list of changes.\n \n All MySQL users should upgrade to these updated packages, which correct\n these issues. After installing this update, the MySQL server daemon\n (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\");\n script_id(881538);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-15 11:42:46 +0530 (Thu, 15 Nov 2012)\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\",\n \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\",\n \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\",\n \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\",\n \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1462\");\n script_name(\"CentOS Update for mysql CESA-2012:1462 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-embedded\", rpm:\"mysql-embedded~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-embedded-devel\", rpm:\"mysql-embedded-devel~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:54", "references": ["http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html", "2012:1462"], "pluginID": "1361412562310881538", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-15T00:00:00", "title": "CentOS Update for mysql CESA-2012:1462 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310881538", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for mysql CESA-2012:1462 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n This update fixes several vulnerabilities in the MySQL database server.\n Information about these flaws can be found on the Oracle Critical Patch\n Update Advisory pages, listed in the References section. (CVE-2012-1688,\n CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\n CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\n CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\n CVE-2012-3160)\n \n These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\n release notes listed in the References section for a full list of changes.\n \n All MySQL users should upgrade to these updated packages, which correct\n these issues. After installing this update, the MySQL server daemon\n (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881538\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-15 11:42:46 +0530 (Thu, 15 Nov 2012)\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\",\n \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\",\n \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\",\n \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\",\n \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1462\");\n script_name(\"CentOS Update for mysql CESA-2012:1462 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-embedded\", rpm:\"mysql-embedded~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-embedded-devel\", rpm:\"mysql-embedded-devel~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:56:29", "references": ["2012:1462-01", "https://www.redhat.com/archives/rhsa-announce/2012-November/msg00010.html"], "pluginID": "870861", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-15T00:00:00", "title": "RedHat Update for mysql RHSA-2012:1462-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-01-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870861", "id": "OPENVAS:870861", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2012:1462-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n This update fixes several vulnerabilities in the MySQL database server.\n Information about these flaws can be found on the Oracle Critical Patch\n Update Advisory pages, listed in the References section. (CVE-2012-1688,\n CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\n CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\n CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\n CVE-2012-3160)\n\n These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\n release notes listed in the References section for a full list of changes.\n\n All MySQL users should upgrade to these updated packages, which correct\n these issues. After installing this update, the MySQL server daemon\n (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-November/msg00010.html\");\n script_id(870861);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-15 11:40:01 +0530 (Thu, 15 Nov 2012)\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\",\n \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\",\n \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\",\n \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\",\n \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1462-01\");\n script_name(\"RedHat Update for mysql RHSA-2012:1462-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:00:00", "references": ["2012:1462-01", "https://www.redhat.com/archives/rhsa-announce/2012-November/msg00010.html"], "pluginID": "1361412562310870861", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-11-15T00:00:00", "title": "RedHat Update for mysql RHSA-2012:1462-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870861", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2012:1462-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n This update fixes several vulnerabilities in the MySQL database server.\n Information about these flaws can be found on the Oracle Critical Patch\n Update Advisory pages, listed in the References section. (CVE-2012-1688,\n CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\n CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\n CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\n CVE-2012-3160)\n\n These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\n release notes listed in the References section for a full list of changes.\n\n All MySQL users should upgrade to these updated packages, which correct\n these issues. After installing this update, the MySQL server daemon\n (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-November/msg00010.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870861\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-15 11:40:01 +0530 (Thu, 15 Nov 2012)\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\",\n \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\",\n \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\",\n \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\",\n \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1462-01\");\n script_name(\"RedHat Update for mysql RHSA-2012:1462-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:25:36", "references": ["http://linux.oracle.com/errata/ELSA-2012-1462.html"], "pluginID": "1361412562310123778", "description": "Oracle Linux Local Security Checks ELSA-2012-1462", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2012-1462", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123778", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123778", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1462.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123778\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1462\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1462 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1462\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1462.html\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded\", rpm:\"mysql-embedded~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded-devel\", rpm:\"mysql-embedded-devel~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-29T12:39:59", "references": ["https://security.gentoo.org/glsa/201308-06"], "pluginID": "1361412562310121014", "description": "Gentoo Linux Local Security Checks GLSA 201308-06", "edition": 7, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Security Advisory GLSA 201308-06", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-5627", "CVE-2012-0583", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2013-2395", "CVE-2012-3160", "CVE-2013-1521", "CVE-2012-0075", "CVE-2012-0489", "CVE-2013-1567", "CVE-2013-1623", "CVE-2013-0385", "CVE-2013-1532", "CVE-2013-2392", "CVE-2013-0371", "CVE-2012-5614", "CVE-2013-1526", "CVE-2012-1697", "CVE-2013-1544", "CVE-2013-1492", "CVE-2012-0112", "CVE-2013-1523", "CVE-2013-1506", "CVE-2012-3150", "CVE-2012-5611", "CVE-2013-0386", "CVE-2012-1688", "CVE-2012-0574", "CVE-2012-0491", "CVE-2012-3180", "CVE-2012-0553", "CVE-2012-5096", "CVE-2012-3167", "CVE-2012-1689", "CVE-2013-1552", "CVE-2012-0496", "CVE-2013-1555", "CVE-2012-0113", "CVE-2012-3197", "CVE-2012-1705", "CVE-2012-0484", "CVE-2012-3173", "CVE-2013-3808", "CVE-2013-2381", "CVE-2012-1734", "CVE-2012-0494", "CVE-2012-3158", "CVE-2013-0383", "CVE-2012-0115", "CVE-2013-1512", "CVE-2013-0368", "CVE-2013-0389", "CVE-2013-2391", "CVE-2012-5060", "CVE-2012-0101", "CVE-2013-0375", "CVE-2012-0488", "CVE-2013-1570", "CVE-2012-1702", "CVE-2012-0493", "CVE-2013-0367", "CVE-2013-1566", "CVE-2012-0114", "CVE-2013-1511", "CVE-2013-1502", "CVE-2012-0495", "CVE-2012-0540", "CVE-2013-1548", "CVE-2013-1531", "CVE-2013-2375", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0572", "CVE-2012-2749", "CVE-2012-0485", "CVE-2012-5615", "CVE-2012-0578", "CVE-2013-2389", "CVE-2012-0117", "CVE-2013-3804", "CVE-2012-0487", "CVE-2012-5613", "CVE-2012-3177", "CVE-2012-0087", "CVE-2012-0490", "CVE-2013-2378", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122", "CVE-2012-1696", "CVE-2013-3802", "CVE-2012-0120", "CVE-2013-2376", "CVE-2012-5612", "CVE-2013-0384", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121014", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121014", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201308-06.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121014\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:42 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201308-06\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201308-06\");\n script_cve_id(\"CVE-2011-2262\", \"CVE-2012-0075\", \"CVE-2012-0087\", \"CVE-2012-0101\", \"CVE-2012-0102\", \"CVE-2012-0112\", \"CVE-2012-0113\", \"CVE-2012-0114\", \"CVE-2012-0115\", \"CVE-2012-0116\", \"CVE-2012-0117\", \"CVE-2012-0118\", \"CVE-2012-0119\", \"CVE-2012-0120\", \"CVE-2012-0484\", \"CVE-2012-0485\", \"CVE-2012-0486\", \"CVE-2012-0487\", \"CVE-2012-0488\", \"CVE-2012-0489\", \"CVE-2012-0490\", \"CVE-2012-0491\", \"CVE-2012-0492\", \"CVE-2012-0493\", \"CVE-2012-0494\", \"CVE-2012-0495\", \"CVE-2012-0496\", \"CVE-2012-0540\", \"CVE-2012-0553\", \"CVE-2012-0572\", \"CVE-2012-0574\", \"CVE-2012-0578\", \"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1696\", \"CVE-2012-1697\", \"CVE-2012-1702\", \"CVE-2012-1703\", \"CVE-2012-1705\", \"CVE-2012-1734\", \"CVE-2012-2102\", \"CVE-2012-2122\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\", \"CVE-2012-5060\", \"CVE-2012-5096\", \"CVE-2012-5611\", \"CVE-2012-5612\", \"CVE-2012-5613\", \"CVE-2012-5614\", \"CVE-2012-5615\", \"CVE-2012-5627\", \"CVE-2013-0367\", \"CVE-2013-0368\", \"CVE-2013-0371\", \"CVE-2013-0375\", \"CVE-2013-0383\", \"CVE-2013-0384\", \"CVE-2013-0385\", \"CVE-2013-0386\", \"CVE-2013-0389\", \"CVE-2013-1492\", \"CVE-2013-1502\", \"CVE-2013-1506\", \"CVE-2013-1511\", \"CVE-2013-1512\", \"CVE-2013-1521\", \"CVE-2013-1523\", \"CVE-2013-1526\", \"CVE-2013-1531\", \"CVE-2013-1532\", \"CVE-2013-1544\", \"CVE-2013-1548\", \"CVE-2013-1552\", \"CVE-2013-1555\", \"CVE-2013-1566\", \"CVE-2013-1567\", \"CVE-2013-1570\", \"CVE-2013-1623\", \"CVE-2013-2375\", \"CVE-2013-2376\", \"CVE-2013-2378\", \"CVE-2013-2381\", \"CVE-2013-2389\", \"CVE-2013-2391\", \"CVE-2013-2392\", \"CVE-2013-2395\", \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3808\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201308-06\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-db/mysql\", unaffected: make_list(\"ge 5.1.70\"), vulnerable: make_list(\"lt 5.1.70\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-02T00:02:11", "references": ["http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "http://www.nessus.org/u?113e249d", "http://www.nessus.org/u?113e249d", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html", "http://www.openwall.com/lists/oss-security/2012/02/24/2"], "pluginID": "58802", "description": "The version of MySQL 5.1 installed on the remote host is earlier than 5.1.62. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the included yaSSL component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer', 'Server DML', 'Partition' and, in combination with InnoDB, 'HANDLER READ NEXT' that could allow denial of service attacks. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2102)", "edition": 6, "reporter": "Tenable", "published": "2012-04-19T00:00:00", "title": "MySQL 5.1 < 5.1.62 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-0882"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_1_62.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58802", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58802);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:13\");\n script_cve_id(\n \"CVE-2012-0882\",\n \"CVE-2012-1688\",\n \"CVE-2012-1690\",\n \"CVE-2012-1703\",\n \"CVE-2012-2102\"\n );\n script_bugtraq_id(51925, 52931, 53058, 53067, 53074);\n\n script_name(english:\"MySQL 5.1 < 5.1.62 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote database server is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MySQL 5.1 installed on the remote host is earlier\nthan 5.1.62. It is, therefore, affected by the following\nvulnerabilities :\n\n - An error exists related to the included yaSSL\n component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer',\n 'Server DML', 'Partition' and, in combination with\n InnoDB, 'HANDLER READ NEXT' that could allow denial of\n service attacks. (CVE-2012-1688, CVE-2012-1690,\n CVE-2012-1703, CVE-2012-2102)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html\");\n # http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?113e249d\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html\");\n # http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?113e249d\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2012/02/24/2\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL version 5.1.62 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.1.62', min:'5.1', severity:SECURITY_WARNING);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:02:01", "references": ["http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html", "http://www.nessus.org/u?113e249d", "http://www.openwall.com/lists/oss-security/2012/02/24/2"], "pluginID": "58661", "description": "The version of MySQL 5.5 installed on the remote host is earlier than 5.5.22. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the included yaSSL component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer', 'Server DML', 'Partition' and, in combination with InnoDB, 'HANDLER READ NEXT' that could allow denial of service attacks. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1697, CVE-2012-1703, CVE-2012-2102)", "edition": 6, "reporter": "Tenable", "published": "2012-04-11T00:00:00", "title": "MySQL 5.5 < 5.5.22 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1690", "CVE-2012-1697", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-0882"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mysql:mysql"], "id": "MYSQL_5_5_22.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=58661", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58661);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/16 14:09:13\");\n script_cve_id(\n \"CVE-2012-0882\",\n \"CVE-2012-1688\",\n \"CVE-2012-1690\",\n \"CVE-2012-1697\",\n \"CVE-2012-1703\",\n \"CVE-2012-2102\"\n );\n script_bugtraq_id(51925, 52931, 53058, 53064, 53067, 53074);\n\n script_name(english:\"MySQL 5.5 < 5.5.22 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote database server is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MySQL 5.5 installed on the remote host is earlier than\n5.5.22. It is, therefore, affected by the following vulnerabilities :\n\n - An error exists related to the included yaSSL\n component that could allow arbitrary code execution.\n (CVE-2012-0882)\n\n - Errors exist related to 'Server Optimizer',\n 'Server DML', 'Partition' and, in combination with\n InnoDB, 'HANDLER READ NEXT' that could allow denial of\n service attacks. (CVE-2012-1688, CVE-2012-1690,\n CVE-2012-1697, CVE-2012-1703, CVE-2012-2102)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html\");\n # http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?113e249d\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2012/02/24/2\");\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade to MySQL version 5.5.22 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.5.22', min:'5.5', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:42:08", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675870", "http://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html", "https://bugzilla.novell.com/show_bug.cgi?id=734436", "https://bugzilla.novell.com/show_bug.cgi?id=758460", "https://bugzilla.novell.com/show_bug.cgi?id=742272", "https://lists.opensuse.org/opensuse-updates/2012-05/msg00018.html"], "pluginID": "74626", "description": "MySQL Cluster 7.1.21 fixes several security issues and bugs. Please refer to the following upstream announcement for details :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html", "edition": 5, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : mysql-cluster (openSUSE-SU-2012:0617-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1697", "CVE-2012-1688", "CVE-2009-5026", "CVE-2012-1703", "CVE-2012-1696"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-cluster-debugsource", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-management", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-tools-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-bench", "p-cpe:/a:novell:opensuse:mysql-cluster-client", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-tools", "p-cpe:/a:novell:opensuse:mysql-cluster-client-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclusterclient_r16", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:mysql-cluster-test", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-storage-debuginfo", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:mysql-cluster", "p-cpe:/a:novell:opensuse:mysql-cluster-debug-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-debug", "p-cpe:/a:novell:opensuse:libmysqlclusterclient_r16-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-extra", "p-cpe:/a:novell:opensuse:mysql-cluster-bench-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-tools-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-test-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-management-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-extra-debuginfo", "p-cpe:/a:novell:opensuse:mysql-cluster-ndb-storage", "p-cpe:/a:novell:opensuse:mysql-cluster-tools", "p-cpe:/a:novell:opensuse:libmysqlclusterclient16", "p-cpe:/a:novell:opensuse:libmysqlclusterclient16-debuginfo"], "id": "OPENSUSE-2012-276.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74626", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-276.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74626);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2009-5026\", \"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1690\", \"CVE-2012-1696\", \"CVE-2012-1697\", \"CVE-2012-1703\");\n\n script_name(english:\"openSUSE Security Update : mysql-cluster (openSUSE-SU-2012:0617-1)\");\n script_summary(english:\"Check for the openSUSE-2012-276 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MySQL Cluster 7.1.21 fixes several security issues and bugs. Please\nrefer to the following upstream announcement for details :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/mysql-cluster-news-7-1.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=734436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=742272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00018.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql-cluster packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclusterclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclusterclient16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclusterclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclusterclient_r16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-management-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-ndb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-cluster-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4|SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4 / 12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclusterclient16-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclusterclient16-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclusterclient_r16-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclusterclient_r16-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-bench-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-bench-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-client-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-client-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-debug-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-debug-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-debugsource-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-extra-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-extra-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-management-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-management-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-storage-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-storage-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-tools-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-ndb-tools-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-test-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-test-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-tools-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-cluster-tools-debuginfo-7.1.21-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclusterclient16-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclusterclient16-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclusterclient_r16-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclusterclient_r16-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-bench-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-bench-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-client-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-client-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-debug-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-debug-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-debugsource-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-extra-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-extra-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-management-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-management-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-storage-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-storage-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-tools-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-ndb-tools-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-test-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-test-debuginfo-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-tools-7.1.21-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-cluster-tools-debuginfo-7.1.21-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclusterclient16 / libmysqlclusterclient16-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T13:05:04", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677018", "https://www.debian.org/security/2012/dsa-2496", "https://packages.debian.org/source/squeeze/mysql-5.1", "https://security-tracker.debian.org/tracker/CVE-2012-2122", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670636"], "pluginID": "59774", "description": "Due to the non-disclosure of security patch information from Oracle, we are forced to ship an upstream version update of MySQL 5.1. There are several known incompatible changes, which are listed in /usr/share/doc/mysql-server/NEWS.Debian.gz.\n\nSeveral issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL release notes.\n\n CVE-2012-2122, an authentication bypass vulnerability, occurs only when MySQL has been built in with certain optimisations enabled. The packages in Debian stable (squeeze) are not known to be affected by this vulnerability. It is addressed in this update nonetheless, so future rebuilds will not become vulnerable to this issue.", "edition": 7, "reporter": "Tenable", "published": "2012-06-29T00:00:00", "title": "Debian DSA-2496-1 : mysql-5.1 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1689", "CVE-2012-1734", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:mysql-5.1"], "id": "DEBIAN_DSA-2496.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=59774", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2496. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59774);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/11/10 11:49:35\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2102\", \"CVE-2012-2122\", \"CVE-2012-2749\");\n script_bugtraq_id(53058, 53061, 53067, 53074, 53911);\n script_xref(name:\"DSA\", value:\"2496\");\n\n script_name(english:\"Debian DSA-2496-1 : mysql-5.1 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Due to the non-disclosure of security patch information from\n Oracle, we are forced to ship an upstream version update of MySQL\n 5.1. There are several known incompatible changes, which are\n listed in /usr/share/doc/mysql-server/NEWS.Debian.gz.\n\nSeveral issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.63, which includes additional changes, such as\nperformance improvements and corrections for data loss defects. These\nchanges are described in the MySQL release notes.\n\n CVE-2012-2122, an authentication bypass vulnerability, occurs only\n when MySQL has been built in with certain optimisations enabled. The\n packages in Debian stable (squeeze) are not known to be affected by\n this vulnerability. It is addressed in this update nonetheless, so\n future rebuilds will not become vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/mysql-5.1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2496\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the MySQL packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 5.1.63-0+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient-dev\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient16\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-dev\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-pic\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client-5.1\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-common\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-5.1\", reference:\"5.1.63-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-core-5.1\", reference:\"5.1.63-0+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:01", "references": ["http://www.nessus.org/u?66a78548"], "pluginID": "62934", "description": "This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes for a full list of changes.\n\nAfter installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 4, "reporter": "Tenable", "published": "2012-11-16T00:00:00", "title": "Scientific Linux Security Update : mysql on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2013-01-24T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20121114_MYSQL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62934", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62934);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2013/01/24 03:33:08 $\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n\n script_name(english:\"Scientific Linux Security Update : mysql on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages. (CVE-2012-1688, CVE-2012-1690,\nCVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177,\nCVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180,\nCVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes for a full list of changes.\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1211&L=scientific-linux-errata&T=0&P=1447\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66a78548\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:50:57", "references": ["http://www.nessus.org/u?687fd865", "http://www.nessus.org/u?d0bd5117", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html", "https://access.redhat.com/security/cve/cve-2012-3177", "https://access.redhat.com/security/cve/cve-2012-3160", "https://access.redhat.com/security/cve/cve-2012-1690", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html", "https://access.redhat.com/security/cve/cve-2012-1734", "https://access.redhat.com/security/cve/cve-2012-1689", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html", "https://access.redhat.com/security/cve/cve-2012-3150", "https://access.redhat.com/security/cve/cve-2012-1703", "https://access.redhat.com/security/cve/cve-2012-3163", "https://access.redhat.com/security/cve/cve-2012-3166", "https://access.redhat.com/security/cve/cve-2012-3158", "https://access.redhat.com/errata/RHSA-2012:1462", "https://access.redhat.com/security/cve/cve-2012-1688", "http://www.nessus.org/u?f5c32e24", "https://access.redhat.com/security/cve/cve-2012-3167", "https://access.redhat.com/security/cve/cve-2012-3180", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html", "https://access.redhat.com/security/cve/cve-2012-3197", "https://access.redhat.com/security/cve/cve-2012-0540", "https://access.redhat.com/security/cve/cve-2012-2749", "https://access.redhat.com/security/cve/cve-2012-3173", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html"], "pluginID": "62923", "description": "Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 8, "reporter": "Tenable", "published": "2012-11-15T00:00:00", "title": "RHEL 6 : mysql (RHSA-2012:1462)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:mysql-bench", "p-cpe:/a:redhat:enterprise_linux:mysql-debuginfo", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:mysql-devel", "p-cpe:/a:redhat:enterprise_linux:mysql-embedded-devel", "p-cpe:/a:redhat:enterprise_linux:mysql-embedded", "p-cpe:/a:redhat:enterprise_linux:mysql-server", "p-cpe:/a:redhat:enterprise_linux:mysql-test", "p-cpe:/a:redhat:enterprise_linux:mysql-libs", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:mysql"], "id": "REDHAT-RHSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62923", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1462. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62923);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/11/10 11:49:52\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"RHEL 6 : mysql (RHSA-2012:1462)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d0bd5117\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5c32e24\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?687fd865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3180\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1462\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-debuginfo-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-debuginfo / mysql-devel / etc\");\n }\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:54:58", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=675870", "https://bugzilla.novell.com/show_bug.cgi?id=734436", "http://kb.askmonty.org/en/changelogs-mariadb-51-series", "https://bugzilla.novell.com/show_bug.cgi?id=758460", "http://kb.askmonty.org/v/mariadb-5212-release-notes", "https://lists.opensuse.org/opensuse-updates/2012-05/msg00020.html", "http://kb.askmonty.org/v/mariadb-5211-release-notes", "https://bugzilla.novell.com/show_bug.cgi?id=742272", "http://kb.askmonty.org/v/mariadb-5210-release-notes"], "pluginID": "74624", "description": "mariadb update to version 5.2.12 fixes several security issues and bugs. Please refer to the following upstream announcements for details :\n\nhttp://kb.askmonty.org/v/mariadb-5212-release-notes http://kb.askmonty.org/v/mariadb-5211-release-notes http://kb.askmonty.org/v/mariadb-5210-release-notes", "edition": 5, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : mariadb (openSUSE-2012-274)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-0075", "CVE-2012-0112", "CVE-2012-1688", "CVE-2012-0113", "CVE-2012-0484", "CVE-2012-0115", "CVE-2012-0101", "CVE-2012-0114", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2012-0087", "CVE-2012-0490", "CVE-2012-1703", "CVE-2012-0120", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mariadb-client", "p-cpe:/a:novell:opensuse:libmariadbclient_r16", "p-cpe:/a:novell:opensuse:mariadb-tools", "p-cpe:/a:novell:opensuse:mariadb-test-debuginfo", "p-cpe:/a:novell:opensuse:libmariadbclient16-debuginfo", "p-cpe:/a:novell:opensuse:libmariadbclient16", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-debugsource", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo", "p-cpe:/a:novell:opensuse:libmariadbclient_r16-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-debug-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-client-debuginfo", "p-cpe:/a:novell:opensuse:mariadb", "p-cpe:/a:novell:opensuse:mariadb-test", "p-cpe:/a:novell:opensuse:mariadb-debug", "p-cpe:/a:novell:opensuse:mariadb-bench"], "id": "OPENSUSE-2012-274.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74624", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-274.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74624);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2011-2262\", \"CVE-2012-0075\", \"CVE-2012-0087\", \"CVE-2012-0101\", \"CVE-2012-0102\", \"CVE-2012-0112\", \"CVE-2012-0113\", \"CVE-2012-0114\", \"CVE-2012-0115\", \"CVE-2012-0116\", \"CVE-2012-0118\", \"CVE-2012-0119\", \"CVE-2012-0120\", \"CVE-2012-0484\", \"CVE-2012-0485\", \"CVE-2012-0490\", \"CVE-2012-0492\", \"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1690\", \"CVE-2012-1703\");\n\n script_name(english:\"openSUSE Security Update : mariadb (openSUSE-2012-274)\");\n script_summary(english:\"Check for the openSUSE-2012-274 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"mariadb update to version 5.2.12 fixes several security issues and\nbugs. Please refer to the following upstream announcements for \ndetails :\n\nhttp://kb.askmonty.org/v/mariadb-5212-release-notes\nhttp://kb.askmonty.org/v/mariadb-5211-release-notes\nhttp://kb.askmonty.org/v/mariadb-5210-release-notes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://kb.askmonty.org/en/changelogs-mariadb-51-series\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://kb.askmonty.org/v/mariadb-5210-release-notes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://kb.askmonty.org/v/mariadb-5211-release-notes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://kb.askmonty.org/v/mariadb-5212-release-notes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=734436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=742272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mariadb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmariadbclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmariadbclient16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmariadbclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmariadbclient_r16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4|SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4 / 12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmariadbclient16-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmariadbclient16-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmariadbclient_r16-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmariadbclient_r16-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-bench-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-bench-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-client-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-client-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-debug-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-debug-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-debugsource-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-test-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-test-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-tools-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mariadb-tools-debuginfo-5.1.62-39.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmariadbclient16-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmariadbclient16-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmariadbclient_r16-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmariadbclient_r16-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-bench-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-bench-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-client-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-client-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-debug-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-debug-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-debugsource-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-test-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-test-debuginfo-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-tools-5.2.12-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mariadb-tools-debuginfo-5.2.12-2.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmariadbclient16 / libmariadbclient16-debuginfo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:08:36", "references": ["https://oss.oracle.com/pipermail/el-errata/2012-November/003138.html"], "pluginID": "68658", "description": "From Red Hat Security Advisory 2012:1462 :\n\nUpdated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 5, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : mysql (ELSA-2012-1462)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"], "id": "ORACLELINUX_ELSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1462 and \n# Oracle Linux Security Advisory ELSA-2012-1462 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68658);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2012-1462)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1462 :\n\nUpdated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-November/003138.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T13:05:56", "references": ["http://www.nessus.org/u?6a199ab9"], "pluginID": "62921", "description": "Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory pages, listed in the References section. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL release notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 7, "reporter": "Tenable", "published": "2012-11-15T00:00:00", "title": "CentOS 6 : mysql (CESA-2012:1462)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:mysql-devel", "p-cpe:/a:centos:centos:mysql-server", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:mysql-embedded", "p-cpe:/a:centos:centos:mysql-libs", "p-cpe:/a:centos:centos:mysql-bench", "p-cpe:/a:centos:centos:mysql-test", "p-cpe:/a:centos:centos:mysql-embedded-devel", "p-cpe:/a:centos:centos:mysql"], "id": "CENTOS_RHSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1462 and \n# CentOS Errata and Security Advisory 2012:1462 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62921);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:30\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"CentOS 6 : mysql (CESA-2012:1462)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a199ab9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T17:08:38", "references": ["http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html", "https://bugzilla.novell.com/show_bug.cgi?id=675870", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html", "https://bugzilla.novell.com/show_bug.cgi?id=734436", "https://lists.opensuse.org/opensuse-updates/2012-05/msg00019.html", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-59.html", "https://bugzilla.novell.com/show_bug.cgi?id=758460", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-58.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html", "https://bugzilla.novell.com/show_bug.cgi?id=742272", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-61.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-60.html"], "pluginID": "74623", "description": "mysql update to version 5.5.23 fixes several security issues and bugs.\nPlease refer to the following upstream announcements for details :\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html", "edition": 5, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : mysql-community-server (openSUSE-2012-273)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-0075", "CVE-2012-0489", "CVE-2012-1697", "CVE-2012-0112", "CVE-2012-1688", "CVE-2012-0491", "CVE-2012-0496", "CVE-2012-0113", "CVE-2012-0484", "CVE-2012-0494", "CVE-2012-0115", "CVE-2012-0101", "CVE-2012-0488", "CVE-2012-0493", "CVE-2012-0114", "CVE-2012-0495", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2012-0117", "CVE-2012-0487", "CVE-2012-0087", "CVE-2012-0490", "CVE-2012-1703", "CVE-2012-1696", "CVE-2012-0120", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mysql-community-server-debug", "p-cpe:/a:novell:opensuse:libmysqlclient16-32bit", "p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient18", "p-cpe:/a:novell:opensuse:libmysqlclient-devel-32bit", "p-cpe:/a:novell:opensuse:libmysqlclient16", "p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit", "p-cpe:/a:novell:opensuse:libmysqld0", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:libmysqlclient16-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mysql-community-server-client", "p-cpe:/a:novell:opensuse:mysql-community-server-tools", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmysqld18", "p-cpe:/a:novell:opensuse:libmysqlclient-devel", "p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient_r16", "p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit", "p-cpe:/a:novell:opensuse:libmysqlclient16-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient_r18", "p-cpe:/a:novell:opensuse:mysql-community-server-bench", "p-cpe:/a:novell:opensuse:mysql-community-server-debug-debuginfo", "p-cpe:/a:novell:opensuse:libmysqld18-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server-debugsource", "p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient18-32bit", "p-cpe:/a:novell:opensuse:mysql-community-server-test", "p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo", "p-cpe:/a:novell:opensuse:libmysqld0-debuginfo", "p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit"], "id": "OPENSUSE-2012-273.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-273.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74623);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:00\");\n\n script_cve_id(\"CVE-2011-2262\", \"CVE-2012-0075\", \"CVE-2012-0087\", \"CVE-2012-0101\", \"CVE-2012-0102\", \"CVE-2012-0112\", \"CVE-2012-0113\", \"CVE-2012-0114\", \"CVE-2012-0115\", \"CVE-2012-0116\", \"CVE-2012-0117\", \"CVE-2012-0118\", \"CVE-2012-0119\", \"CVE-2012-0120\", \"CVE-2012-0484\", \"CVE-2012-0485\", \"CVE-2012-0486\", \"CVE-2012-0487\", \"CVE-2012-0488\", \"CVE-2012-0489\", \"CVE-2012-0490\", \"CVE-2012-0491\", \"CVE-2012-0492\", \"CVE-2012-0493\", \"CVE-2012-0494\", \"CVE-2012-0495\", \"CVE-2012-0496\", \"CVE-2012-0583\", \"CVE-2012-1688\", \"CVE-2012-1690\", \"CVE-2012-1696\", \"CVE-2012-1697\", \"CVE-2012-1703\");\n\n script_name(english:\"openSUSE Security Update : mysql-community-server (openSUSE-2012-273)\");\n script_summary(english:\"Check for the openSUSE-2012-273 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"mysql update to version 5.5.23 fixes several security issues and bugs.\nPlease refer to the following upstream announcements for details :\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html\n\n - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-58.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-59.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-60.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-61.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=734436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=742272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00019.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql-community-server packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient16-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r16-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4|SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4 / 12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclient-devel-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclient16-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclient16-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclient_r16-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqlclient_r16-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqld-devel-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqld0-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libmysqld0-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-bench-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-bench-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-client-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-client-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-debug-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-debug-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-debugsource-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-test-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-test-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-tools-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mysql-community-server-tools-debuginfo-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmysqlclient16-32bit-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmysqlclient16-debuginfo-32bit-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-32bit-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libmysqlclient_r16-debuginfo-32bit-5.1.62-52.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclient-devel-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclient18-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclient18-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqlclient_r18-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqld-devel-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqld18-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libmysqld18-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-bench-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-bench-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-client-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-client-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-debug-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-debug-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-debugsource-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-test-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-test-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-tools-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mysql-community-server-tools-debuginfo-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libmysqlclient-devel-32bit-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libmysqlclient18-32bit-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libmysqlclient18-debuginfo-32bit-5.5.23-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libmysqlclient_r18-32bit-5.5.23-3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-devel / libmysqlclient16-32bit / libmysqlclient16 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:39", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "libmysqld-dev_5.1.63-0+squeeze1_all.deb", "packageName": "libmysqld-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "libmysqlclient-dev_5.1.63-0+squeeze1_all.deb", "packageName": "libmysqlclient-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-server_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-server-5.1_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-client_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-common_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-server-core-5.1_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-server-core-5.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "libmysqld-pic_5.1.63-0+squeeze1_all.deb", "packageName": "libmysqld-pic", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-client-5.1_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-client-5.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "mysql-5.1_5.1.63-0+squeeze1_all.deb", "packageName": "mysql-5.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "5.1.63-0+squeeze1", "arch": "all", "packageFilename": "libmysqlclient16_5.1.63-0+squeeze1_all.deb", "packageName": "libmysqlclient16", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2496-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nJune 18, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mysql-5.1\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0583 CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 \n CVE-2012-2122\nDebian Bug : 670636 677018\n\nSeveral issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.63, which includes additional changes, such as performance\nimprovements and corrections for data loss defects. These changes are\ndescribed in the MySQL release notes at:\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\n\nCVE-2012-2122, an authentication bypass vulnerability, occurs only when\nMySQL has been built in with certain optimisations enabled. The packages\nin Debian stable (squeeze) are not known to be affected by this\nvulnerability. It is addressed in this update nonetheless, so future\nrebuilds will not become vulnerable to this issue.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 5.1.63-0+squeeze1.\n\nFor the testing distribution (wheezy), these problems has been fixed\nin version 5.1.62-1 of the mysql-5.1 package and version 5.5.24+dfsg-1\nof the mysql-5.5 package.\n\nWe recommend that you upgrade your MySQL packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "reporter": "Debian", "published": "2012-06-18T20:38:29", "title": "[SECURITY] [DSA 2496-1] mysql-5.1 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:39", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0583", "CVE-2012-1690", "CVE-2012-1688", "CVE-2012-1703", "CVE-2012-2122"], "modified": "2012-06-18T20:38:29", "id": "DEBIAN:DSA-2496-1:03CAC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00136.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-06-12T21:10:51", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "src", "packageName": "mysql", "packageFilename": "mysql-5.1.66-1.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-test", "packageFilename": "mysql-test-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-test", "packageFilename": "mysql-test-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql", "packageFilename": "mysql-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageName": "mysql-server", "packageFilename": "mysql-server-5.1.66-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql", "packageFilename": "mysql-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-server", "packageFilename": "mysql-server-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-server", "packageFilename": "mysql-server-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql", "packageFilename": "mysql-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "ppc64", "packageName": "mysql-test", "packageFilename": "mysql-test-5.1.66-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390", "packageName": "mysql-embedded-devel", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-embedded", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql", "packageFilename": "mysql-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-devel", "packageFilename": "mysql-devel-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-bench", "packageFilename": "mysql-bench-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-libs", "packageFilename": "mysql-libs-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-server", "packageFilename": "mysql-server-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "s390x", "packageName": "mysql-test", "packageFilename": "mysql-test-5.1.66-1.el6_3.s390x.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n", "reporter": "RedHat", "published": "2012-11-14T05:00:00", "type": "redhat", "title": "(RHSA-2012:1462) Important: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0540", "CVE-2012-1688", "CVE-2012-1689", "CVE-2012-1690", "CVE-2012-1703", "CVE-2012-1734", "CVE-2012-2749", "CVE-2012-3150", "CVE-2012-3158", "CVE-2012-3160", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3167", "CVE-2012-3173", "CVE-2012-3177", "CVE-2012-3180", "CVE-2012-3197"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:24", "id": "RHSA-2012:1462", "href": "https://access.redhat.com/errata/RHSA-2012:1462", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:47:13", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-libs-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-bench-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-test-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-libs-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-libs-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-devel-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-test-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-bench-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "i686", "packageFilename": "mysql-server-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "src", "packageFilename": "mysql-5.1.66-1.el6_3.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "src", "packageFilename": "mysql-5.1.66-1.el6_3.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "arch": "x86_64", "packageFilename": "mysql-server-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}], "description": "[5.1.66-1]\n- Update to 5.1.66, for assorted upstream bugfixes including\n CVEs announced in July and October 2012\nResolves: #871813", "edition": 3, "reporter": "Oracle", "published": "2012-11-14T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2012-11-14T00:00:00", "id": "ELSA-2012-1462", "href": "http://linux.oracle.com/errata/ELSA-2012-1462.html", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:53", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1462.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-server-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-server", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-server-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-server", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-embedded-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-devel-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-bench-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-bench", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-libs-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-libs-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-libs", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-libs-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-libs", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-embedded-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-devel-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-test-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-test", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-embedded-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-embedded", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-test-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql-test", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-bench-5.1.66-1.el6_3.x86_64.rpm", "packageName": "mysql-bench", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-5.1.66-1.el6_3.i686.rpm", "packageName": "mysql", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "5.1.66-1.el6_3", "packageFilename": "mysql-5.1.66-1.el6_3.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2012:1462\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-embedded\nmysql-embedded-devel\nmysql-libs\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1462.html", "edition": 1, "reporter": "CentOS Project", "published": "2012-11-15T03:44:02", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mysql security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-1688", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-1689", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-1734", "CVE-2012-3158", "CVE-2012-0540", "CVE-2012-2749", "CVE-2012-3177", "CVE-2012-1703"], "modified": "2012-11-15T03:44:02", "href": "http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html", "id": "CESA-2012:1462", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:46", "references": ["https://vulners.com/securityvulns/securityvulns:doc:28408", "https://vulners.com/securityvulns/securityvulns:doc:27945", "https://vulners.com/securityvulns/securityvulns:doc:27940", "https://vulners.com/securityvulns/securityvulns:doc:27934", "https://vulners.com/securityvulns/securityvulns:doc:27936", "https://vulners.com/securityvulns/securityvulns:doc:27937", "https://vulners.com/securityvulns/securityvulns:doc:28409", "https://vulners.com/securityvulns/securityvulns:doc:27933", "https://vulners.com/securityvulns/securityvulns:doc:27935", "https://vulners.com/securityvulns/securityvulns:doc:28016", "https://vulners.com/securityvulns/securityvulns:doc:28784", "https://vulners.com/securityvulns/securityvulns:doc:28407", "https://vulners.com/securityvulns/securityvulns:doc:27932", "https://vulners.com/securityvulns/securityvulns:doc:27938", "https://vulners.com/securityvulns/securityvulns:doc:28014", "https://vulners.com/securityvulns/securityvulns:doc:27939", "https://vulners.com/securityvulns/securityvulns:doc:28015"], "description": "Over 90 vulnerabilities in different applications are fixed by quarterly update.", "edition": 1, "reporter": "BUGTRAQ", "published": "2012-12-02T00:00:00", "title": "Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:46", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "FLEXCUBE Direct Banking", "version": "6.0", "operator": "eq"}, {"name": "MySQL", "version": "5.5", "operator": "eq"}, {"name": "JRockit", "version": "27.7", "operator": "eq"}, {"name": "Agile Product Supplier Collaboration for Process", "version": "6.0", "operator": "eq"}, {"name": "PeopleSoft Enterprise SCM", "version": "9.1", "operator": "eq"}, {"name": "FLEXCUBE Direct Banking", "version": "5.0", "operator": "eq"}, {"name": "PeopleSoft Enterprise HRMS", "version": "8.9", "operator": "eq"}, {"name": "Siebel Life Sciences", "version": "8.0", "operator": "eq"}, {"name": "Oracle DB UM Connector for Oracle Identity Manager", "version": "9.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise Portal", "version": "9.1", "operator": "eq"}, {"name": "Siebel Life Sciences", "version": "8.2", "operator": "eq"}, {"name": "AutoVue", "version": "20.0", "operator": "eq"}, {"name": "MySQL", "version": "5.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise FCSM", "version": "9.0", "operator": "eq"}, {"name": "Siebel Life Sciences", "version": "8.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise FCSM", "version": "9.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise HRMS", "version": "9.0", "operator": "eq"}, {"name": "FLEXCUBE Direct Banking", "version": "6.2", "operator": "eq"}, {"name": "WebCenter Forms Recognition", "version": "10.1", "operator": "eq"}, {"name": "FLEXCUBE Universal Banking", "version": "10.5", "operator": "eq"}, {"name": "PeopleSoft Enterprise HCM", "version": "9.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise SCM", "version": "9.0", "operator": "eq"}, {"name": "FLEXCUBE Universal Banking", "version": "11.4", "operator": "eq"}, {"name": "JDeveloper", "version": "10.1", "operator": "eq"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.52", "operator": "eq"}, {"name": "JRockit", "version": "28.2", "operator": "eq"}, {"name": "PeopleSoft Enterprise CRM", "version": "9.1", "operator": "eq"}, {"name": "FLEXCUBE Direct Banking", "version": "5.3", "operator": "eq"}, {"name": "Oracle BI Publisher", "version": "10.1", "operator": "eq"}, {"name": "Oracle E-Business Suite Release", "version": "12", "operator": "eq"}, {"name": "PeopleSoft Enterprise HRMS", "version": "9.1", "operator": "eq"}, {"name": "Outside In Technology", "version": "8.3", "operator": "eq"}], "cvelist": ["CVE-2012-0583", "CVE-2012-0516", "CVE-2012-1690", "CVE-2012-0552", "CVE-2012-0576", "CVE-2012-1676", "CVE-2012-0581", "CVE-2012-1709", "CVE-2012-0510", "CVE-2012-0529", "CVE-2012-0577", "CVE-2012-0538", "CVE-2012-0512", "CVE-2012-0566", "CVE-2012-0558", "CVE-2012-0536", "CVE-2012-1708", "CVE-2012-0523", "CVE-2012-1697", "CVE-2012-1674", "CVE-2012-0545", "CVE-2012-0208", "CVE-2012-0511", "CVE-2012-0567", "CVE-2012-1688", "CVE-2012-0546", "CVE-2012-0565", "CVE-2012-0548", "CVE-2012-1693", "CVE-2012-0514", "CVE-2012-0549", "CVE-2012-0582", "CVE-2012-0520", "CVE-2012-1679", "CVE-2012-0579", "CVE-2012-0551", "CVE-2012-0525", "CVE-2012-0522", "CVE-2012-0561", "CVE-2012-0539", "CVE-2012-0556", "CVE-2012-1694", "CVE-2012-0534", "CVE-2012-0580", "CVE-2012-1681", "CVE-2012-0557", "CVE-2012-0519", "CVE-2012-1695", "CVE-2012-0537", "CVE-2012-0533", "CVE-2012-0575", "CVE-2012-0560", "CVE-2012-1692", "CVE-2012-0535", "CVE-2012-0526", "CVE-2012-1704", "CVE-2012-0513", "CVE-2012-0532", "CVE-2012-1707", "CVE-2012-0521", "CVE-2012-1698", "CVE-2012-0543", "CVE-2012-1684", "CVE-2012-1683", "CVE-2012-1691", "CVE-2012-0517", "CVE-2012-0531", "CVE-2012-1710", "CVE-2012-0515", "CVE-2012-0550", "CVE-2012-0509", "CVE-2012-0542", "CVE-2012-0562", "CVE-2012-0554", "CVE-2012-0544", "CVE-2012-0564", "CVE-2012-0530", "CVE-2012-1703", "CVE-2012-1696", "CVE-2012-0571", "CVE-2012-1706", "CVE-2012-0555", "CVE-2012-0559", "CVE-2012-0527", "CVE-2012-0573", "CVE-2012-0528", "CVE-2012-0541", "CVE-2012-0524"], "modified": "2012-12-02T00:00:00", "id": "SECURITYVULNS:VULN:12331", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12331", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:33", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0490", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0367", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0368", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1705", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1702", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5611", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2262", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0101", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0075", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1697", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1688", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2122", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0493", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1734", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0102", "https://bugs.gentoo.org/show_bug.cgi?id=477474", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2376", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2749", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0116", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2389", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0487", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3167", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1523", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2392", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0496", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5615", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0117", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1526", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0386", "https://bugs.gentoo.org/show_bug.cgi?id=462498", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1690", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0389", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0572", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0495", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2375", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3808", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0494", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2102", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3177", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3804", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1521", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3150", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5060", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0486", "https://bugs.gentoo.org/show_bug.cgi?id=417989", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1512", "https://bugs.gentoo.org/show_bug.cgi?id=466236", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0491", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3166", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5613", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1502", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1531", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0492", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0375", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3163", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0484", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1567", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1623", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5614", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3802", "https://bugs.gentoo.org/show_bug.cgi?id=412889", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1689", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0383", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5627", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0489", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0371", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0113", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0120", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3158", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0578", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0087", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3173", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3160", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0114", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1532", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1696", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5612", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2395", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2381", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0385", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0488", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3180", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0540", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0112", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3197", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1511", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0574", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5096", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1555", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0115", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1570", "https://bugs.gentoo.org/show_bug.cgi?id=411503", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0118", "https://bugs.gentoo.org/show_bug.cgi?id=445602", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1492", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1548", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0119", "https://bugs.gentoo.org/show_bug.cgi?id=399375", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1566", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0553", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1544", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1703", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1552", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1506", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0583", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0384", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2378", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0485", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2391"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "5.1.70", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-db/mysql", "operator": "lt"}], "edition": 1, "description": "### Background\n\nMySQL is a fast, multi-threaded, multi-user SQL database server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MySQL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/mysql-5.1.70\"", "reporter": "Gentoo Foundation", "published": "2013-08-29T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "MySQL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5627", "CVE-2012-0583", "CVE-2012-3163", "CVE-2012-3166", "CVE-2012-1690", "CVE-2013-2395", "CVE-2012-3160", "CVE-2013-1521", "CVE-2012-0075", "CVE-2012-0489", "CVE-2013-1567", "CVE-2013-1623", "CVE-2013-0385", "CVE-2013-1532", "CVE-2013-2392", "CVE-2013-0371", "CVE-2012-5614", "CVE-2013-1526", "CVE-2012-1697", "CVE-2013-1544", "CVE-2013-1492", "CVE-2012-0112", "CVE-2013-1523", "CVE-2013-1506", "CVE-2012-3150", "CVE-2012-5611", "CVE-2013-0386", "CVE-2012-1688", "CVE-2012-0574", "CVE-2012-0491", "CVE-2012-3180", "CVE-2012-0553", "CVE-2012-5096", "CVE-2012-3167", "CVE-2012-1689", "CVE-2013-1552", "CVE-2012-0496", "CVE-2013-1555", "CVE-2012-0113", "CVE-2012-3197", "CVE-2012-1705", "CVE-2012-0484", "CVE-2012-3173", "CVE-2013-3808", "CVE-2013-2381", "CVE-2012-1734", "CVE-2012-0494", "CVE-2012-3158", "CVE-2013-0383", "CVE-2012-0115", "CVE-2013-1512", "CVE-2013-0368", "CVE-2013-0389", "CVE-2013-2391", "CVE-2012-5060", "CVE-2012-0101", "CVE-2013-0375", "CVE-2012-0488", "CVE-2013-1570", "CVE-2012-1702", "CVE-2012-0493", "CVE-2013-0367", "CVE-2013-1566", "CVE-2012-0114", "CVE-2013-1511", "CVE-2013-1502", "CVE-2012-0495", "CVE-2012-0540", "CVE-2013-1548", "CVE-2013-1531", "CVE-2013-2375", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0572", "CVE-2012-2749", "CVE-2012-0485", "CVE-2012-5615", "CVE-2012-0578", "CVE-2013-2389", "CVE-2012-0117", "CVE-2013-3804", "CVE-2012-0487", "CVE-2012-5613", "CVE-2012-3177", "CVE-2012-0087", "CVE-2012-0490", "CVE-2013-2378", "CVE-2012-1703", "CVE-2012-2102", "CVE-2012-2122", "CVE-2012-1696", "CVE-2013-3802", "CVE-2012-0120", "CVE-2013-2376", "CVE-2012-5612", "CVE-2013-0384", "CVE-2011-2262", "CVE-2012-0118", "CVE-2012-0102", "CVE-2012-0486"], "modified": "2013-08-30T00:00:00", "id": "GLSA-201308-06", "href": "https://security.gentoo.org/glsa/201308-06", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oracle": [{"lastseen": "2018-08-31T04:13:40", "references": [], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 88 new security fixes across the product families listed below.\n\nOracle released a Security Alert on January 31st, 2012 to address the security issue CVE-2011-5035, a denial of service vulnerability in multiple Oracle products due to hashing collisions. Please see [Security Alert (CVE-2011-5035)](<http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html>) for the list of affected products and patch availability information.\n", "edition": 3, "reporter": "Oracle", "published": "2012-07-19T00:00:00", "title": "Oracle Critical Patch Update - April 2012", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "PeopleSoft Enterprise PeopleTools", "version": "8.50", "operator": "le"}, {"name": "SPARC Enterprise M Series Servers", "version": "1110", "operator": "le"}, {"name": "RDBMS Core", "version": "11.2.0.2", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.2.0.2", "operator": "le"}, {"name": "Oracle Agile PLM for Process", "version": "6.0.0", "operator": "le"}, {"name": "PeopleSoft Enterprise HRMS", "version": "9.0", "operator": "le"}, {"name": "Oracle Spatial", "version": "11.1.0.7", "operator": "le"}, {"name": "RDBMS Core", "version": "10.2.0.3", "operator": "le"}, {"name": "Oracle RDBMS", "version": "10.2.0.5", "operator": "le"}, {"name": "MySQL Server", "version": "5.1.61", "operator": "le"}, {"name": "OCI", "version": "11.1.0.7", "operator": "le"}, {"name": "Oracle RDBMS", "version": "11.1.0.7", "operator": "le"}, {"name": "RDBMS Core", "version": "10.2.0.5", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "11.1.0.7", "operator": "le"}, {"name": "RDBMS Core", "version": "11.1.0.7", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.21", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.19", "operator": "le"}, {"name": "Solaris", "version": "8", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "10.0.0", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "10.2.0.5", "operator": "le"}, {"name": "OCI", "version": "10.2.0.3", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.1", "operator": "le"}, {"name": "RDBMS Core", "version": "10.2.0.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.0.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "5.3.0", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.51", "operator": "le"}, {"name": "Oracle RDBMS", "version": "10.2.0.3", "operator": "le"}, {"name": "Solaris", "version": "11", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HCM", "version": "9.1", "operator": "le"}, {"name": "Siebel Clinical", "version": "7.8", "operator": "le"}, {"name": "Siebel Clinical", "version": "7.7", "operator": "le"}, {"name": "BI Publisher (formerly XML Publisher)", "version": "10.1.3.4.2", "operator": "le"}, {"name": "PeopleSoft Enterprise FCSM", "version": "9.0", "operator": "le"}, {"name": "Siebel Clinical", "version": "8.2.2.x", "operator": "le"}, {"name": "Oracle RDBMS", "version": "10.2.0.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "5.0.2", "operator": "le"}, {"name": "PeopleSoft Enterprise HRMS", "version": "9.1", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle iStore", "version": "11.5.10.2", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.3.7", "operator": "le"}, {"name": "RDBMS Core", "version": "11.2.0.3", "operator": "le"}, {"name": "Oracle JRockit", "version": "28.2.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.1.60", "operator": "le"}, {"name": "Identity Manager", "version": "11.1.1.5", "operator": "le"}, {"name": "Oracle Spatial", "version": "10.2.0.4", "operator": "le"}, {"name": "GlassFish Enterprise Server", "version": "3.1.1", "operator": "le"}, {"name": "Oracle Spatial", "version": "10.2.0.3", "operator": "le"}, {"name": "Identity Manager", "version": "11.1.1.3", "operator": "le"}, {"name": "PeopleSoft Enterprise HRMS", "version": "8.9", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.2", "operator": "le"}, {"name": "Solaris", "version": "9", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "6.2.0", "operator": "le"}, {"name": "Oracle Grid Engine", "version": "6.1", "operator": "le"}, {"name": "Siebel Clinical", "version": "8.1.1.x", "operator": "le"}, {"name": "Oracle AutoVue Desktop", "version": "20.1.1", "operator": "le"}, {"name": "Identity Manager Connector", "version": "9.1.0.4", "operator": "le"}, {"name": "BI Publisher (formerly XML Publisher)", "version": "10.1.3.4.1", "operator": "le"}, {"name": "Oracle Agile PLM for Process", "version": "6.1.1", "operator": "le"}, {"name": "Oracle Application Express", "version": "4.0", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "10.2.0.3", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.3.5", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "11.2.0.2", "operator": "le"}, {"name": "OCI", "version": "10.2.0.4", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "10.2.0.4", "operator": "le"}, {"name": "Oracle Spatial", "version": "10.2.0.5", "operator": "le"}, {"name": "Oracle Grid Engine", "version": "6.2", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.0.6", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.1", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.2", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.52", "operator": "le"}, {"name": "Oracle Agile PLM for Process", "version": "5.2.2", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "11.1.0.1", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.1", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM", "version": "9.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iStore", "version": "12.0.6", "operator": "le"}, {"name": "Oracle iPlanet Web Server", "version": "7.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "6.0.1", "operator": "le"}, {"name": "Oracle JRockit", "version": "27.7.1", "operator": "le"}, {"name": "Oracle JDeveloper", "version": "10.1.3.5", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "6.2.1", "operator": "le"}, {"name": "Oracle Spatial", "version": "11.2.0.3", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "11.2.0.3", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.0", "operator": "le"}, {"name": "Siebel Clinical", "version": "8.0.0.x", "operator": "le"}, {"name": "Oracle iStore", "version": "12.0.4", "operator": "le"}, {"name": "PeopleSoft Enterprise FCSM", "version": "9.1", "operator": "le"}, {"name": "PeopleSoft Enterprise CRM", "version": "9.1", "operator": "le"}, {"name": "Oracle WebCenter Forms Recognition", "version": "10.1.3.5", "operator": "le"}, {"name": "Oracle Spatial", "version": "11.2.0.2", "operator": "le"}, {"name": "PeopleSoft Enterprise Portal", "version": "9.1", "operator": "le"}, {"name": "PeopleSoft Enterprise SCM", "version": "9.1", "operator": "le"}], "cvelist": ["CVE-2012-0583", "CVE-2012-0516", "CVE-2012-1690", "CVE-2012-0552", "CVE-2012-0576", "CVE-2012-1676", "CVE-2012-0581", "CVE-2012-1709", "CVE-2012-0510", "CVE-2012-0529", "CVE-2012-0577", "CVE-2012-0538", "CVE-2012-0512", "CVE-2012-0566", "CVE-2012-0558", "CVE-2012-0536", "CVE-2011-3563", "CVE-2012-1708", "CVE-2012-0523", "CVE-2012-1697", "CVE-2012-1674", "CVE-2012-0545", "CVE-2012-0208", "CVE-2012-0511", "CVE-2012-0567", "CVE-2012-1688", "CVE-2012-0546", "CVE-2012-0565", "CVE-2012-0548", "CVE-2012-1693", "CVE-2012-0514", "CVE-2011-5035", "CVE-2012-0549", "CVE-2012-0582", "CVE-2012-0520", "CVE-2012-1679", "CVE-2012-0498", "CVE-2012-0579", "CVE-2012-0551", "CVE-2012-0525", "CVE-2012-0522", "CVE-2012-0561", "CVE-2012-0539", "CVE-2012-0556", "CVE-2012-1694", "CVE-2012-0534", "CVE-2012-0580", "CVE-2012-1681", "CVE-2012-0557", "CVE-2012-0519", "CVE-2012-0497", "CVE-2012-1695", "CVE-2012-0537", "CVE-2012-0533", "CVE-2012-0575", "CVE-2012-0560", "CVE-2012-1692", "CVE-2012-0535", "CVE-2012-0526", "CVE-2012-1704", "CVE-2012-0513", "CVE-2012-0532", "CVE-2012-0499", "CVE-2012-1707", "CVE-2012-0501", "CVE-2012-0521", "CVE-2012-1698", "CVE-2012-0543", "CVE-2012-1684", "CVE-2012-1683", "CVE-2012-1691", "CVE-2012-0517", "CVE-2012-0531", "CVE-2012-1710", "CVE-2012-0515", "CVE-2012-0550", "CVE-2012-0509", "CVE-2012-0542", "CVE-2012-0562", "CVE-2012-0554", "CVE-2012-0544", "CVE-2012-0564", "CVE-2012-0530", "CVE-2012-1703", "CVE-2012-1696", "CVE-2012-0571", "CVE-2012-1706", "CVE-2012-0555", "CVE-2012-0559", "CVE-2012-0527", "CVE-2012-0573", "CVE-2012-0528", "CVE-2012-0541", "CVE-2012-0524"], "modified": "2012-04-17T00:00:00", "id": "ORACLE:CPUAPR2012-366314", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}