Lucene search
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.MARIADB_10_1_47.NASLHistoryOct 06, 2020 - 12:00 a.m.
MariaDB 10.1.0 < 10.1.47 A Vulnerability
2020-10-0600:00:00
This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
75
The version of MariaDB installed on the remote host is prior to 10.1.47. It is, therefore, affected by a vulnerability as referenced in the mdb-10147-rn advisory. Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(141203);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/06/11");
script_cve_id("CVE-2020-15180");
script_name(english:"MariaDB 10.1.0 < 10.1.47 A Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by a vulnerability");
script_set_attribute(attribute:"description", value:
"The version of MariaDB installed on the remote host is prior to 10.1.47. It is, therefore, affected by a vulnerability
as referenced in the mdb-10147-rn advisory. Note that Nessus has not tested for this issue but has instead relied only
on the application's self-reported version number.");
script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/mdb-10147-rn");
script_set_attribute(attribute:"solution", value:
"Upgrade to MariaDB version 10.1.47 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-15180");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/05");
script_set_attribute(attribute:"patch_publication_date", value:"2020/10/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/06");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl");
script_require_keys("Settings/ParanoidReport");
script_require_ports("Services/mysql", 3306);
exit(0);
}
include('mysql_version.inc');
mysql_check_version(variant: 'MariaDB', min:'10.1.0-MariaDB', fixed:make_list('10.1.47-MariaDB'), severity:SECURITY_WARNING);Related
redhat
redhat
(RHSA-2020:5379) Important: mariadb-galera security update
2020-12-08 14:47:51
nessus
nessus
MariaDB 10.2.0 < 10.2.34 A Vulnerability
2020-10-06 00:00:00
FreeBSD : MariaDB -- Undisclosed vulnerability (a2565962-1156-11eb-9c9c-d4c9ef517024)
2020-10-19 00:00:00
Debian DSA-4776-1 : mariadb-10.3 - security update
2020-10-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package mariadb version 10.1.47-alt1
2020-12-11 00:00:00
Security fix for the ALT Linux 9 package mariadb version 10.4.17-alt1
2020-11-13 00:00:00
debiancve
debiancve
CVE-2020-15180
2021-05-27 20:15:00
openvas
openvas
Debian: Security Advisory (DLA-2409-1)
2020-10-22 00:00:00
Mageia: Security Advisory (MGASA-2020-0382)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-4776-1)
2020-10-22 00:00:00
osv
osv
mariadb-10.1 - security update
2020-10-21 00:00:00
mariadb-10.3 - security update
2020-10-20 00:00:00
BIT-mariadb-2020-15180
2024-03-06 11:09:20
veracode
veracode
Remote Code Execution
2020-10-11 23:31:42
gentoo
gentoo
MariaDB: Remote code execution
2020-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2020-15180
2021-05-27 00:00:00
f5
f5
K75885190 : MariaDB vulnerability CVE-2020-15180
2021-07-12 00:00:00
mariadbunix
mariadbunix
CVE-2020-15180
2021-05-27 20:15:07
cve
cve
CVE-2020-15180
2021-05-27 20:15:00
mageia
mageia
Updated mariadb packages fix security vulnerability
2020-10-13 15:39:02
debian
debian
[SECURITY] [DLA 2409-1] mariadb-10.1 security update
2020-10-21 07:39:12
[SECURITY] [DSA 4776-1] mariadb-10.3 security update
2020-10-20 17:53:58
prion
prion
Command injection
2021-05-27 20:15:00
freebsd
freebsd
MariaDB -- Undisclosed vulnerability
2020-10-07 00:00:00
alpinelinux
alpinelinux
CVE-2020-15180
2021-05-27 20:15:00
redhatcve
redhatcve
CVE-2020-15180
2020-11-05 13:01:52
suse
suse
Security update for mariadb (important)
2020-12-15 00:00:00
Security update for mariadb (moderate)
2020-12-02 00:00:00
Security update for mariadb (moderate)
2020-11-28 00:00:00
ubuntu
ubuntu
MariaDB vulnerabilities
2020-10-27 00:00:00
oraclelinux
oraclelinux
mariadb:10.3 security, bug fix, and enhancement update
2020-12-18 00:00:00
almalinux
almalinux
Important: mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43
rocky
rocky
mariadb:10.3 security, bug fix, and enhancement update
2020-12-15 16:03:43
Related for MARIADB_10_1_47.NASL