The version of MariaDB installed on the remote host is 10.0.x prior to 10.0.28, and is affected by multiple vulnerabilities :
- An unspecified flaw may allow an authenticated attacker to bypass restrictions and create the β/var/lib/mysql/my.cnfβ file with custom contents without the FILE privilege requirement.
- A flaw in the C software version of AES Encryption and Decryption is triggered as table lookups do not properly consider cache-bank access times. This may allow a local user to disclose AES keys via a specially crafted application.
- An unspecified flaw exists related to the MyISAM subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor.
- An unspecified flaw exists related to the DML subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor.
- An unspecified flaw exists related to the GIS subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor.
- An unspecified flaw exists related to the Optimizer subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor.
- An unspecified flaw exists related to the Federated subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor.
- An unspecified flaw exists related to the Security: Encryption subcomponent. This may allow an authenticated remote attacker to disclose potentially sensitive information. No further details have been provided by the vendor.
- An unspecified flaw exists related to the Types subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor.
- A flaw exists in the βfill_alter_inplace_info()β function in βsql/sql_table.ccβ that is triggered when altering persistent virtual columns. This may allow an authenticated attacker to crash the database.
- A flaw exists in the βmysql_rm_table_no_locks()β function in βsql/sql_table.ccβ that is triggered during the handling of βCREATE OR REPLACE TABLEβ queries. This may allow an authenticated attacker to crash the database.
- A flaw exists in βscripts/mysqld_safe.shβ that is triggered when handling arguments to βmalloc-libβ. This may allow a local attacker to potentially gain elevated privileges. Note that CVE-2016-6664 is reportedly a duplicate assignment of CVE-2016-5617, which was assigned to this issueβs manifestation in Oracle MySQL.