This update fixes several vulnerabilities in the MySQL database server. (CVE-2014-0386 , CVE-2014-0393 , CVE-2014-0401 , CVE-2014-0402 , CVE-2014-0412 , CVE-2014-0437 , CVE-2013-5908)
A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client.
(CVE-2014-0001)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2014-298.
#
include("compat.inc");
if (description)
{
script_id(72946);
script_version("1.4");
script_cvs_date("Date: 2018/04/18 15:09:35");
script_cve_id("CVE-2013-5908", "CVE-2014-0001", "CVE-2014-0386", "CVE-2014-0393", "CVE-2014-0401", "CVE-2014-0402", "CVE-2014-0412", "CVE-2014-0437");
script_xref(name:"ALAS", value:"2014-298");
script_xref(name:"RHSA", value:"2014:0164");
script_name(english:"Amazon Linux AMI : mysql51 (ALAS-2014-298)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes several vulnerabilities in the MySQL database
server. (CVE-2014-0386 , CVE-2014-0393 , CVE-2014-0401 , CVE-2014-0402
, CVE-2014-0412 , CVE-2014-0437 , CVE-2013-5908)
A buffer overflow flaw was found in the way the MySQL command line
client tool (mysql) processed excessively long version strings. If a
user connected to a malicious MySQL server via the mysql client, the
server could use this flaw to crash the mysql client or, potentially,
execute arbitrary code as the user running the mysql client.
(CVE-2014-0001)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2014-298.html"
);
script_set_attribute(
attribute:"solution",
value:"Run 'yum update mysql51' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-bench");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-embedded");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-embedded-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql51-test");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"patch_publication_date", value:"2014/03/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"mysql51-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-bench-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-common-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-debuginfo-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-devel-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-embedded-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-embedded-devel-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-libs-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-server-5.1.73-3.68.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"mysql51-test-5.1.73-3.68.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql51 / mysql51-bench / mysql51-common / mysql51-debuginfo / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
amazon | linux | mysql51 | p-cpe:/a:amazon:linux:mysql51 |
amazon | linux | mysql51-bench | p-cpe:/a:amazon:linux:mysql51-bench |
amazon | linux | mysql51-common | p-cpe:/a:amazon:linux:mysql51-common |
amazon | linux | mysql51-debuginfo | p-cpe:/a:amazon:linux:mysql51-debuginfo |
amazon | linux | mysql51-devel | p-cpe:/a:amazon:linux:mysql51-devel |
amazon | linux | mysql51-embedded | p-cpe:/a:amazon:linux:mysql51-embedded |
amazon | linux | mysql51-embedded-devel | p-cpe:/a:amazon:linux:mysql51-embedded-devel |
amazon | linux | mysql51-libs | p-cpe:/a:amazon:linux:mysql51-libs |
amazon | linux | mysql51-server | p-cpe:/a:amazon:linux:mysql51-server |
amazon | linux | mysql51-test | p-cpe:/a:amazon:linux:mysql51-test |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5908
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0386
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0393
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0402
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0437
alas.aws.amazon.com/ALAS-2014-298.html