Lucene search
K

MariaDB 10.1.x < 10.1.16 Multiple DoS

🗓️ 28 Sep 2016 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 13 Views

MariaDB 10.1.x < 10.1.16 Denial of Service Vulnerabilitie

Refs
Code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(93788);
  script_version("1.8");
  script_cvs_date("Date: 2019/01/02 11:18:37");


  script_name(english:"MariaDB 10.1.x < 10.1.16 Multiple DoS");
  script_summary(english:"Checks the MariaDB version.");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple denial of service
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of MariaDB running on the remote host is 10.1.x prior to
10.1.16. It is, therefore, affected by multiple denial of service
vulnerabilities :

  - A denial of service vulnerability exists in the
    get_best_group_min_max() function within file
    sql/opt_range.cc when handling query plans. An
    authenticated, remote attacker can exploit this to crash
    the database.

  - A denial of service vulnerability exists in the
    emb_stmt_execute() function within file
    libmysqld/lib_sql.cc when handling queries. An
    authenticated, remote attacker can exploit this to crash
    the database.");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.org/mariadb-10-1-16-now-available/");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10116-changelog/");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-10116-release-notes/");
  script_set_attribute(attribute:"see_also", value:"https://jira.mariadb.org/browse/MDEV-10318");
  script_set_attribute(attribute:"see_also", value:"https://jira.mariadb.org/browse/MDEV-10324");
  script_set_attribute(attribute:"solution", value:
"Upgrade to MariaDB version 10.1.16 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/07/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/28");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("mysql_version.inc");

mysql_check_version(variant:'MariaDB', fixed:'10.1.16-MariaDB', min:'10.1', severity:SECURITY_WARNING);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation