Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.MARIADB_5_5_28.NASL
HistoryMar 29, 2013 - 12:00 a.m.

MariaDB 5.5 < 5.5.28 Multiple Vulnerabilities

2013-03-2900:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The version of MariaDB 5.5 running on the remote host is prior to 5.5.28. It is, therefore, potentially affected by vulnerabilities in the following components :

  • GIS Extension
  • Server
  • Server Installation
  • Server Optimizer
  • yaSSL
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(65731);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/11/18");

  script_cve_id(
    "CVE-2012-3160",
    "CVE-2012-3177",
    "CVE-2012-3180",
    "CVE-2012-5060"
  );
  script_bugtraq_id(
    56003,
    56005,
    56027,
    57411,
    58594
  );

  script_name(english:"MariaDB 5.5 < 5.5.28 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of MariaDB 5.5 running on the remote host is prior to
5.5.28. It is, therefore, potentially affected by vulnerabilities in
the following components :

  - GIS Extension
  - Server
  - Server Installation
  - Server Optimizer
  - yaSSL");
  script_set_attribute(attribute:"see_also", value:"https://mariadb.com/kb/en/library/mariadb-5528-release-notes/");
  script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to MariaDB version 5.5.28 or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3160");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/03/29");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mariadb:mariadb");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("mysql_version.inc");

mysql_check_version(variant:'MariaDB', fixed:'5.5.28-MariaDB', min:'5.5', severity:SECURITY_NOTE);
VendorProductVersionCPE
mariadbmariadbcpe:/a:mariadb:mariadb

Related

nessus 15
openvas 17
veracode 8
prion 4
ubuntucve 4
cve 4
debian 1
ubuntu 2
oraclelinux 1
redhat 1
centos 1
gentoo 1
oracle 2
securityvulns 1
nessus
nessus
MySQL 5.1 < 5.1.66 Multiple Vulnerabilities
2012-10-19 00:00:00
MySQL 5.5 < 5.5.28 Multiple Vulnerabilities
2012-10-19 00:00:00
Oracle MySQL Server 5.5.x <= 5.5.27 / 5.1.x <= 5.1.65 Multiple Unspecified Vulnerabilities
2012-10-19 00:00:00
openvas
openvas
Oracle MySQL Server Multiple Vulnerabilities - 02 - (Nov 2012) - Linux
2017-11-22 00:00:00
Oracle MySQL Server Multiple Vulnerabilities - 02 - (Nov 2012) - Windows
2012-11-26 00:00:00
Oracle MySQL Server <= 5.1.65 / 5.5 <= 5.5.27 Security Update (cpujan2013) - Windows
2021-02-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:01
Denial Of Service (DoS)
2019-05-02 04:41:01
Denial Of Service (DoS)
2019-05-02 04:41:01
prion
prion
Design/Logic Flaw
2012-10-16 23:55:00
Design/Logic Flaw
2013-01-17 01:55:00
Design/Logic Flaw
2012-10-17 00:55:00
ubuntucve
ubuntucve
CVE-2012-3160
2012-10-16 00:00:00
CVE-2012-5060
2013-01-16 00:00:00
CVE-2012-3177
2012-10-16 00:00:00
cve
cve
CVE-2012-3160
2012-10-16 23:55:00
CVE-2012-5060
2013-01-17 01:55:00
CVE-2012-3177
2012-10-17 00:55:00
debian
debian
[SECURITY] [DSA 2581-1] mysql-5.1 security update
2012-12-04 07:02:14
ubuntu
ubuntu
MySQL vulnerabilities
2012-11-05 00:00:00
MySQL vulnerabilities
2013-01-22 00:00:00
oraclelinux
oraclelinux
mysql security update
2012-11-14 00:00:00
redhat
redhat
(RHSA-2012:1462) Important: mysql security update
2012-11-14 00:00:00
centos
centos
mysql security update
2012-11-15 03:44:02
gentoo
gentoo
MySQL: Multiple vulnerabilities
2013-08-29 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2012
2012-10-16 00:00:00
Oracle Critical Patch Update - January 2013
2013-01-15 00:00:00
securityvulns
securityvulns
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2013-02-24 00:00:00
JSON
Related for MARIADB_5_5_28.NASL
nessus15openvas17veracode8prion4ubuntucve4cve4debian1ubuntu2oraclelinux1redhat1centos1gentoo1oracle2securityvulns1