Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_1_64.NASL
HistoryOct 19, 2012 - 12:00 a.m.

MySQL 5.1 < 5.1.64 Multiple Vulnerabilities

2012-10-1900:00:00
This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.0%

JSON

The version of MySQL 5.1 installed on the remote host is earlier than 5.1.64 and is, therefore, affected by vulnerabilities in the following components :

  • InnoDB
  • InnoDB Plugin
  • Server Full Text Search
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(62637);
  script_version("1.7");
  script_cvs_date("Date: 2018/11/15 20:50:21");

  script_cve_id("CVE-2012-3166", "CVE-2012-3167", "CVE-2012-3173");
  script_bugtraq_id(56018, 56028, 56041);
  
  script_name(english:"MySQL 5.1 < 5.1.64 Multiple Vulnerabilities");
  script_summary(english:"Checks version of MySQL server");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote database server is affected by multiple vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of MySQL 5.1 installed on the remote host is earlier than
5.1.64 and is, therefore, affected by vulnerabilities in the following
components :

  - InnoDB
  - InnoDB Plugin
  - Server Full Text Search"
  );
  script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87547c81");
  script_set_attribute(attribute:"solution", value:"Upgrade to MySQL version 5.1.64 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/19");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("mysql_version.inc");

mysql_check_version(fixed:'5.1.64', min:'5.1', severity:SECURITY_WARNING);
VendorProductVersionCPE
mysqlmysqlcpe:/a:mysql:mysql

Related

openvas 12
nessus 10
veracode 8
nvd 3
prion 3
ubuntucve 3
cvelist 3
cve 3
debian 1
ubuntu 1
oraclelinux 1
redhat 1
centos 1
gentoo 1
oracle 1
openvas
openvas
Oracle MySQL Server Multiple Vulnerabilities - 03 - (Nov 2012) - Linux
2017-11-23 00:00:00
Oracle MySQL Server Multiple Vulnerabilities - 03 - (Nov 2012) - Windows
2012-11-26 00:00:00
Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
2013-09-18 00:00:00
nessus
nessus
MySQL 5.5 < 5.5.26 Multiple Vulnerabilities
2012-10-19 00:00:00
MariaDB 5.5.0 < 5.5.27 Multiple Vulnerabilities
2022-11-18 00:00:00
Debian DSA-2581-1 : mysql-5.1 - several vulnerabilities
2012-12-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:01
Denial Of Service (DoS)
2019-05-02 04:41:01
Denial Of Service (DoS)
2019-05-02 04:41:00
nvd
nvd
CVE-2012-3166
2012-10-17 00:55:01
CVE-2012-3167
2012-10-17 00:55:01
CVE-2012-3173
2012-10-17 00:55:01
prion
prion
Buffer overflow
2012-10-17 00:55:00
Buffer overflow
2012-10-17 00:55:00
Design/Logic Flaw
2012-10-17 00:55:00
ubuntucve
ubuntucve
CVE-2012-3173
2012-10-16 00:00:00
CVE-2012-3167
2012-10-16 00:00:00
CVE-2012-3166
2012-10-16 00:00:00
cvelist
cvelist
CVE-2012-3173
2012-10-17 00:00:00
CVE-2012-3166
2012-10-17 00:00:00
CVE-2012-3167
2012-10-17 00:00:00
cve
cve
CVE-2012-3167
2012-10-17 00:55:01
CVE-2012-3173
2012-10-17 00:55:01
CVE-2012-3166
2012-10-17 00:55:01
debian
debian
[SECURITY] [DSA 2581-1] mysql-5.1 security update
2012-12-04 07:01:42
ubuntu
ubuntu
MySQL vulnerabilities
2012-11-05 00:00:00
oraclelinux
oraclelinux
mysql security update
2012-11-14 00:00:00
redhat
redhat
(RHSA-2012:1462) Important: mysql security update
2012-11-14 00:00:00
centos
centos
mysql security update
2012-11-15 03:44:02
gentoo
gentoo
MySQL: Multiple vulnerabilities
2013-08-29 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2012
2012-10-16 00:00:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.0%

JSON
Related for MYSQL_5_1_64.NASL
openvas12nessus10veracode8nvd3prion3ubuntucve3cvelist3cve3debian1ubuntu1oraclelinux1redhat1centos1gentoo1oracle1