Lucene search
K

EulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1553)

🗓️ 14 May 2019 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 61 Views

EulerOS Virtualization affected by multiple MySQL and MariaDB vulnerabilitie

Related
Refs
Code
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(125006);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/22");

  script_cve_id(
    "CVE-2014-6464",
    "CVE-2014-6469",
    "CVE-2014-6559",
    "CVE-2016-0505",
    "CVE-2016-0546",
    "CVE-2016-0598",
    "CVE-2016-0640",
    "CVE-2016-0641",
    "CVE-2016-0650",
    "CVE-2016-0666",
    "CVE-2016-3452",
    "CVE-2016-3477",
    "CVE-2016-3492",
    "CVE-2016-3521",
    "CVE-2016-3615",
    "CVE-2016-5440",
    "CVE-2016-5444",
    "CVE-2016-5629",
    "CVE-2016-6662",
    "CVE-2016-6663"
  );
  script_bugtraq_id(70446, 70451, 70487);

  script_name(english:"EulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1553)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the mariadb packages installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerabilities :

  - Unspecified vulnerability in Oracle MySQL 5.5.49 and
    earlier, 5.6.30 and earlier, and 5.7.12 and earlier and
    MariaDB before 5.5.50, 10.0.x before 10.0.26, and
    10.1.x before 10.1.15 allows local users to affect
    confidentiality, integrity, and availability via
    vectors related to Server: Parser.(CVE-2016-3477)

  - Unspecified vulnerability in Oracle MySQL 5.5.51 and
    earlier, 5.6.32 and earlier, and 5.7.14 and earlier
    allows remote authenticated users to affect
    availability via vectors related to Server:
    Optimizer.(CVE-2016-3492)

  - Unspecified vulnerability in Oracle MySQL 5.5.51 and
    earlier, 5.6.32 and earlier, and 5.7.14 and earlier
    allows remote administrators to affect availability via
    vectors related to Server: Federated.(CVE-2016-5629)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and
    earlier, 5.6.28 and earlier, and 5.7.10 and earlier and
    MariaDB before 5.5.48, 10.0.x before 10.0.24, and
    10.1.x before 10.1.12 allows local users to affect
    availability via vectors related to
    Replication.(CVE-2016-0650)

  - Unspecified vulnerability in Oracle MySQL 5.5.49 and
    earlier, 5.6.30 and earlier, and 5.7.12 and earlier and
    MariaDB before 5.5.50, 10.0.x before 10.0.26, and
    10.1.x before 10.1.15 allows remote administrators to
    affect availability via vectors related to Server:
    RBR.(CVE-2016-5440)

  - Unspecified vulnerability in Oracle MySQL 5.5.49 and
    earlier, 5.6.30 and earlier, and 5.7.12 and earlier and
    MariaDB before 5.5.50, 10.0.x before 10.0.26, and
    10.1.x before 10.1.15 allows remote authenticated users
    to affect availability via vectors related to Server:
    Types.(CVE-2016-3521)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and
    earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB
    before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before
    10.1.10 allows local users to affect confidentiality,
    integrity, and availability via unknown vectors related
    to Client. NOTE: the previous information is from the
    January 2016 CPU. Oracle has not commented on
    third-party claims that these are multiple buffer
    overflows in the mysqlshow tool that allow remote
    database servers to have unspecified impact via a long
    table or database name.(CVE-2016-0546)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and
    earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB
    before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before
    10.1.10 allows remote authenticated users to affect
    availability via vectors related to DML.(CVE-2016-0598)

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and
    earlier, 5.6.29 and earlier, and 5.7.11 and earlier and
    MariaDB before 5.5.49, 10.0.x before 10.0.25, and
    10.1.x before 10.1.14 allows remote attackers to affect
    confidentiality via vectors related to Server:
    Connection.(CVE-2016-5444)

  - Unspecified vulnerability in Oracle MySQL 5.5.49 and
    earlier, 5.6.30 and earlier, and 5.7.12 and earlier and
    MariaDB before 5.5.50, 10.0.x before 10.0.26, and
    10.1.x before 10.1.15 allows remote authenticated users
    to affect availability via vectors related to Server:
    DML.(CVE-2016-3615)

  - A race condition was found in the way MySQL performed
    MyISAM engine table repair. A database user with shell
    access to the server running mysqld could use this flaw
    to change permissions of arbitrary files writable by
    the mysql system user.(CVE-2016-6663)

  - It was discovered that the MySQL logging functionality
    allowed writing to MySQL configuration files. An
    administrative database user, or a database user with
    FILE privileges, could possibly use this flaw to run
    arbitrary commands with root privileges on the system
    running the database server.(CVE-2016-6662)

  - Unspecified vulnerability in Oracle MySQL 5.5.46 and
    earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB
    before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before
    10.1.10 allows remote authenticated users to affect
    availability via unknown vectors related to
    Options.(CVE-2016-0505)

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and
    earlier, 5.6.29 and earlier, and 5.7.11 and earlier and
    MariaDB before 5.5.49, 10.0.x before 10.0.25, and
    10.1.x before 10.1.14 allows local users to affect
    availability via vectors related to Security:
    Privileges.(CVE-2016-0666)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.39
    and earlier and 5.6.20 and earlier allows remote
    authenticated users to affect availability via vectors
    related to SERVER:OPTIMIZER.(CVE-2014-6469)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and
    earlier, 5.6.28 and earlier, and 5.7.10 and earlier and
    MariaDB before 5.5.48, 10.0.x before 10.0.24, and
    10.1.x before 10.1.12 allows local users to affect
    integrity and availability via vectors related to
    DML.(CVE-2016-0640)

  - Unspecified vulnerability in Oracle MySQL 5.5.48 and
    earlier, 5.6.29 and earlier, and 5.7.10 and earlier and
    MariaDB before 5.5.49, 10.0.x before 10.0.25, and
    10.1.x before 10.1.14 allows remote attackers to affect
    confidentiality via vectors related to Server:
    Security: Encryption.(CVE-2016-3452)

  - Unspecified vulnerability in Oracle MySQL 5.5.47 and
    earlier, 5.6.28 and earlier, and 5.7.10 and earlier and
    MariaDB before 5.5.48, 10.0.x before 10.0.24, and
    10.1.x before 10.1.12 allows local users to affect
    confidentiality and availability via vectors related to
    MyISAM.(CVE-2016-0641)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.39
    and earlier and 5.6.20 and earlier allows remote
    authenticated users to affect availability via vectors
    related to SERVER:INNODB DML FOREIGN
    KEYS.(CVE-2014-6464)

  - Unspecified vulnerability in Oracle MySQL Server 5.5.39
    and earlier, and 5.6.20 and earlier, allows remote
    attackers to affect confidentiality via vectors related
    to C API SSL CERTIFICATE HANDLING.(CVE-2014-6559)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1553
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6662e56e");
  script_set_attribute(attribute:"solution", value:
"Update the affected mariadb packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-6662");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["mariadb-5.5.60-1",
        "mariadb-libs-5.5.60-1",
        "mariadb-server-5.5.60-1"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 May 2024 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS 210
CVSS 39.8
CVSS 3.16.5
EPSS0.6773
SSVC
61