Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0279
HistoryJul 27, 2015 - 12:53 p.m.

Updated mariadb package fixes security vulnerabilities

2015-07-2712:53:07
Gentoo Foundation
advisories.mageia.org
15

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.004 Low

EPSS

Percentile

74.1%

JSON

The mariadb package has been updated to versions 5.5.44 and 10.0.20 in Mageia 4 and Mageia 5, respectively. Both fix an issue where the client is vulnerable to a man-in-the-middle attack when using the --ssl option, where the SSL/TLS protection could be disabled (CVE-2015-3152). The Mageia 4 update also fixes other unspecified security issues, such as CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, and CVE-2015-4752. Refer to the Oracle Critical Patch Update for details.

OSVersionArchitecturePackageVersionFilename
Mageia4noarchmariadb< 5.5.44-1mariadb-5.5.44-1.mga4
Mageia5noarchmariadb< 10.0.20-1mariadb-10.0.20-1.mga5

Related

openvas 40
osv 4
debian 3
nessus 54
oraclelinux 2
veracode 24
redhat 6
centos 2
ubuntu 1
gentoo 1
kaspersky 1
cvelist 9
cve 9
prion 9
ubuntucve 9
nvd 9
fedora 2
f5 2
mariadbunix 6
freebsd 1
ibm 1
redhatcve 1
debiancve 1
suse 1
amazon 1
openvas
openvas
Debian: Security Advisory (DSA-3308-1)
2015-07-17 00:00:00
Mageia: Security Advisory (MGASA-2015-0279)
2015-10-15 00:00:00
Debian Security Advisory DSA 3308-1 (mysql-5.5 - security update)
2015-07-18 00:00:00
osv
osv
mysql-5.5 - security update
2015-07-18 00:00:00
mariadb-10.0 - security update
2015-07-20 00:00:00
mysql-5.5 packages as an option announcement
2015-12-16 00:00:00
debian
debian
[SECURITY] [DSA 3308-1] mysql-5.5 security update
2015-07-18 09:31:52
[SECURITY] [DSA 3308-1] mysql-5.5 security update
2015-07-18 09:31:52
[SECURITY] [DLA 1079-1] libdbd-mysql-perl security update
2017-08-31 11:58:27
nessus
nessus
Debian DSA-3308-1 : mysql-5.5 - security update
2015-07-20 00:00:00
MariaDB 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM)
2015-07-16 00:00:00
MariaDB Server 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM)
2016-05-13 00:00:00
oraclelinux
oraclelinux
mariadb security update
2015-08-24 00:00:00
mysql55-mysql security update
2015-08-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:51
redhat
redhat
(RHSA-2015:1647) Moderate: mariadb55-mariadb security update
2015-08-20 00:00:00
(RHSA-2015:1665) Moderate: mariadb security update
2015-08-24 00:00:00
(RHSA-2015:1629) Moderate: mysql55-mysql security update
2015-08-17 00:00:00
centos
centos
mariadb security update
2015-08-25 16:08:22
mysql55 security update
2015-08-17 15:20:46
ubuntu
ubuntu
MySQL vulnerabilities
2015-07-21 00:00:00
gentoo
gentoo
MySQL and MariaDB: Multiple vulnerabilities
2016-10-11 00:00:00
kaspersky
kaspersky
KLA10638 Multiple vulnerabilities in Oracle MySQL
2015-07-17 00:00:00
cvelist
cvelist
CVE-2015-2648
2015-07-16 10:00:00
CVE-2015-4737
2015-07-16 10:00:00
CVE-2015-2643
2015-07-16 10:00:00
cve
cve
CVE-2015-2648
2015-07-16 11:00:08
CVE-2015-4737
2015-07-16 11:00:32
CVE-2015-2643
2015-07-16 11:00:03
prion
prion
Design/Logic Flaw
2015-07-16 11:00:00
Design/Logic Flaw
2015-07-16 11:00:00
Design/Logic Flaw
2015-07-16 11:00:00
ubuntucve
ubuntucve
CVE-2015-4737
2015-07-16 00:00:00
CVE-2015-2648
2015-07-16 00:00:00
CVE-2015-2643
2015-07-16 00:00:00
nvd
nvd
CVE-2015-4737
2015-07-16 11:00:32
CVE-2015-2643
2015-07-16 11:00:03
CVE-2015-2648
2015-07-16 11:00:08
fedora
fedora
[SECURITY] Fedora 21 Update: mariadb-10.0.20-1.fc21
2015-07-10 19:10:52
[SECURITY] Fedora 22 Update: mariadb-10.0.20-1.fc22
2015-07-03 18:49:07
f5
f5
K16845 : MySQL vulnerability CVE-2015-3152
2015-07-02 00:00:00
SOL16845 - MySQL vulnerability CVE-2015-3152
2015-07-02 00:00:00
mariadbunix
mariadbunix
CVE-2015-2643
2015-07-16 11:00:00
CVE-2015-2648
2015-07-16 11:00:00
CVE-2015-2582
2015-07-16 10:59:00
freebsd
freebsd
mysql -- SSL Downgrade
2015-03-20 00:00:00
ibm
ibm
Security Bulletin: vulnerabilities in OpenSource Oracle MySQL Server affect IBM Security Guardium
2018-06-16 21:30:35
redhatcve
redhatcve
CVE-2017-10789
2017-07-04 10:49:05
debiancve
debiancve
CVE-2017-10789
2017-07-01 18:29:00
suse
suse
Security update for perl-DBD-mysql (moderate)
2018-05-29 18:07:51
amazon
amazon
Medium: php56
2015-08-17 12:46:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.004 Low

EPSS

Percentile

74.1%

JSON
Related for MGASA-2015-0279
openvas40osv4debian3nessus54oraclelinux2veracode24redhat6centos2ubuntu1gentoo1kaspersky1cvelist9cve9prion9ubuntucve9nvd9fedora2f52mariadbunix6freebsd1ibm1redhatcve1debiancve1suse1amazon1