Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_5_33.NASL
HistoryOct 16, 2013 - 12:00 a.m.

MySQL 5.5 < 5.5.33 Multiple Vulnerabilities

2013-10-1600:00:00
This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The version of MySQL 5.5 installed on the remote host is a version prior to 5.5.33. It is, therefore, potentially affected by vulnerabilities in the following components :

  • Server Optimizer
  • Server Replication
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(70462);
  script_version("1.6");
  script_cvs_date("Date: 2018/11/15 20:50:21");

  script_cve_id("CVE-2013-3839", "CVE-2013-5807");
  script_bugtraq_id(63105, 63109);

  script_name(english:"MySQL 5.5 < 5.5.33 Multiple Vulnerabilities");
  script_summary(english:"Checks version of MySQL server");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server may be affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of MySQL 5.5 installed on the remote host is a version
prior to 5.5.33.  It is, therefore, potentially affected by
vulnerabilities in the following components :

  - Server Optimizer
  - Server Replication");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixMSQL
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f2d5fae1");
  script_set_attribute(attribute:"see_also", value:"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to MySQL version 5.5.33 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/10/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("mysql_version.inc");

mysql_check_version(fixed:'5.5.33', min:'5.5', severity:SECURITY_WARNING);
VendorProductVersionCPE
oraclemysqlcpe:/a:oracle:mysql

Related

openvas 21
nessus 19
fedora 3
ubuntu 1
mariadbunix 2
cve 2
prion 2
cvelist 2
ubuntucve 2
veracode 3
amazon 1
debian 3
redhat 3
oraclelinux 1
centos 3
gentoo 1
securityvulns 1
oracle 1
openvas
openvas
Ubuntu: Security Advisory (USN-2006-1)
2013-10-29 00:00:00
Fedora Update for community-mysql FEDORA-2013-19654
2013-11-08 00:00:00
Ubuntu Update for mysql-5.5 USN-2006-1
2013-10-29 00:00:00
nessus
nessus
Fedora 20 : community-mysql-5.5.34-1.fc20 (2013-19601)
2013-11-11 00:00:00
Fedora 18 : mysql-5.5.34-1.fc18 (2013-19648)
2013-11-02 00:00:00
MariaDB 5.5.0 < 5.5.33 Multiple Vulnerabilities
2022-11-18 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: community-mysql-5.5.34-1.fc20
2013-11-10 07:48:08
[SECURITY] Fedora 19 Update: community-mysql-5.5.34-1.fc19
2013-11-02 04:52:00
[SECURITY] Fedora 18 Update: mysql-5.5.34-1.fc18
2013-11-02 04:56:50
ubuntu
ubuntu
MySQL vulnerabilities
2013-10-24 00:00:00
mariadbunix
mariadbunix
CVE-2013-5807
2013-10-16 17:55:00
CVE-2013-3839
2013-10-16 15:55:00
cve
cve
CVE-2013-5807
2013-10-16 17:55:00
CVE-2013-3839
2013-10-16 15:55:00
prion
prion
Design/Logic Flaw
2013-10-16 17:55:00
Design/Logic Flaw
2013-10-16 15:55:00
cvelist
cvelist
CVE-2013-5807
2013-10-16 17:31:00
CVE-2013-3839
2013-10-16 15:00:00
ubuntucve
ubuntucve
CVE-2013-5807
2013-10-16 00:00:00
CVE-2013-3839
2013-10-16 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 08:57:09
Improper Access Control
2019-05-02 04:57:29
Denial Of Service (DoS)
2019-05-16 01:23:04
amazon
amazon
Low: mysql51
2013-11-03 12:08:00
debian
debian
[SECURITY] [DSA 2780-1] mysql-5.1 security update
2013-10-18 13:51:23
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:48
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:29
redhat
redhat
(RHSA-2014:0189) Moderate: mariadb55-mariadb security update
2014-02-19 00:00:00
(RHSA-2014:0186) Moderate: mysql55-mysql security update
2014-02-18 00:00:00
(RHSA-2014:0173) Moderate: mysql55-mysql security update
2014-02-13 00:00:00
oraclelinux
oraclelinux
mysql55-mysql security update
2014-02-18 00:00:00
centos
centos
mariadb55 security update
2014-02-26 15:32:19
mysql55 security update
2014-02-19 17:28:37
mysql55 security update
2014-02-19 13:53:22
gentoo
gentoo
MySQL: Multiple vulnerabilities
2014-09-04 00:00:00
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-12-09 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
JSON
Related for MYSQL_5_5_33.NASL
openvas21nessus19fedora3ubuntu1mariadbunix2cve2prion2cvelist2ubuntucve2veracode3amazon1debian3redhat3oraclelinux1centos3gentoo1securityvulns1oracle1