nessus | This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. | MYSQL_5_5_46_RPM.NASL
HistoryOct 29, 2015 - 12:00 a.m.

Oracle MySQL 5.5.x < 5.5.46 Multiple Vulnerabilities (October 2015 CPU) (January 2016 CPU) (July 2016 CPU)

2015-10-29 00:00:00
This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

7.5 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

0.008 Low

EPSS

Percentile

82.2%

The version of Oracle MySQL installed on the remote host is 5.5.x prior to 5.5.46. It is, therefore, affected by the following vulnerabilities :

  • An unspecified flaw exists in the Types subcomponent.
    An authenticated, remote attacker can exploit this to gain access to sensitive information. (CVE-2015-4826)

  • An unspecified flaw exists in the Security:Privileges subcomponent. An authenticated, remote attacker can exploit this to impact integrity. (CVE-2015-4830)

  • An unspecified flaw exists in the Security:Encryption subcomponent. An unauthenticated, remote attacker can exploit this to gain access to sensitive information.
    (CVE-2015-7744)

  • An unspecified flaw exists in the Options subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-3471)

Additionally, unspecified denial of service vulnerabilities exist in the following MySQL subcomponents :

  • DDL (CVE-2015-4815)

  • DML (CVE-2015-4858, CVE-2015-4913)

  • InnoDB (CVE-2015-4861)

  • Parser (CVE-2015-4870)

  • Partition (CVE-2015-4792, CVE-2015-4802)

  • SP (CVE-2015-4836)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Plugin registration. When `description` is set, this block declares the
# plugin's metadata (IDs, CVE/BID references, advisory text, CVSS vectors,
# CPEs and prerequisites) and then exits, so the check code further down the
# file is not reached on that path.
if (description)
{
  script_id(86658);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/03");

  # Twelve CVEs are covered; the description text below groups them into four
  # named flaws plus a set of denial-of-service issues by subcomponent.
  script_cve_id(
    "CVE-2015-4792",
    "CVE-2015-4802",
    "CVE-2015-4815",
    "CVE-2015-4826",
    "CVE-2015-4830",
    "CVE-2015-4836",
    "CVE-2015-4858",
    "CVE-2015-4861",
    "CVE-2015-4870",
    "CVE-2015-4913",
    "CVE-2015-7744",
    "CVE-2016-3471"
  );
  # Eleven Bugtraq IDs for twelve CVEs, so the mapping is not one-to-one.
  script_bugtraq_id(
    77137,
    77145,
    77153,
    77165,
    77171,
    77190,
    77208,
    77222,
    77228,
    77237,
    91913
  );

  script_name(english:"Oracle MySQL 5.5.x < 5.5.46 Multiple Vulnerabilities (October 2015 CPU) (January 2016 CPU) (July 2016 CPU)");
  # The summary states the detection method: installed RPM package versions
  # are inspected; nothing here indicates the MySQL service itself is probed.
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle MySQL installed on the remote host is 5.5.x
prior to 5.5.46. It is, therefore, affected by the following
vulnerabilities :

  - An unspecified flaw exists in the Types subcomponent.
    An authenticated, remote attacker can exploit this to
    gain access to sensitive information. (CVE-2015-4826)

  - An unspecified flaw exists in the Security:Privileges
    subcomponent. An authenticated, remote attacker can
    exploit this to impact integrity. (CVE-2015-4830)

  - An unspecified flaw exists in the Security:Encryption
    subcomponent. An unauthenticated, remote attacker can
    exploit this to gain access to sensitive information.
    (CVE-2015-7744)

  - An unspecified flaw exists in the Options subcomponent
    that allows a local attacker to gain elevated
    privileges. (CVE-2016-3471)

Additionally, unspecified denial of service vulnerabilities exist in
the following MySQL subcomponents :

  - DDL (CVE-2015-4815)

  - DML (CVE-2015-4858, CVE-2015-4913)

  - InnoDB (CVE-2015-4861)

  - Parser (CVE-2015-4870)

  - Partition (CVE-2015-4792, CVE-2015-4802)

  - SP (CVE-2015-4836)");
  # Reference links. Each comment line above a nessus.org short link records
  # the Oracle URL that short link stands for.
  # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/2368795.xml
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1de82df5");
  # https://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/2368796.xml
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?10ceb1c6");
  # http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3089849.xml
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?42cde00c");
  script_set_attribute(attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-46.html");
  script_set_attribute(attribute:"see_also", value:"https://support.oracle.com/epmos/faces/DocumentDisplay?id=2048227.1");
  script_set_attribute(attribute:"see_also", value:"https://support.oracle.com/rs?type=doc&id=2096144.1");
  script_set_attribute(attribute:"see_also", value:"https://support.oracle.com/rs?type=doc&id=2157431.1");
  # http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75a4a4fb");
  # https://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d13bbe45");
  # http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?453b5f8c");
  script_set_attribute(attribute:"solution", value:
"Upgrade to MySQL version 5.5.46 or later.");
  # NOTE(review): the CVSS2 base vector gives AV:N/Au:S, while the CVSS3
  # vector gives AV:L and cvss_score_source names CVE-2016-3471, which the
  # description above calls a local-attacker privilege escalation. Confirm
  # which attack vector is intended before using the score for triage.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  # The plugin-level score is taken from this single CVE, not from each of the
  # twelve listed; per-CVE severity has to be looked up separately.
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-3471");

  # These flags apply to the plugin as a whole; they do not say which of the
  # listed CVEs has a public exploit.
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/10/29");

  # plugin_type "local": results come from data gathered on the host itself,
  # consistent with the Host/local_checks_enabled requirement below.
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mysql");
  script_end_attributes();

  # NOTE(review): ACT_GATHER_INFO presumably marks this as an
  # information-gathering check; its exact scheduling meaning is defined by
  # the scanner, not by this file.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Prerequisites: ssh_get_info.nasl is declared as a dependency and
  # Host/local_checks_enabled as a required key, so an uncredentialed scan
  # presumably produces no result from this plugin rather than a clean one.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled");
  # NOTE(review): only RedHat, AmazonLinux, SuSE and CentOS release keys are
  # listed here, while the cpe attributes above also name Fedora, Scientific
  # Linux, openSUSE and Oracle Linux. Confirm whether those distributions are
  # reached through one of the four keys or are not evaluated at all.
  script_require_ports("Host/RedHat/release", "Host/AmazonLinux/release", "Host/SuSE/release", "Host/CentOS/release");

  # Description mode stops here; the check code below is not executed.
  exit(0);
}

include("mysql_version.inc");

# Version bounds passed to the RPM check. Presumably exists_ver selects the
# 5.5 branch and fix_ver is the first release treated as patched; the exact
# comparison is implemented in mysql_version.inc, not in this file.
exists_version = "5.5";
fix_version = "5.5.46";

# One named argument per line. The package list is the "server only" default
# and each *_os_list argument is the matching default list from the include.
# NOTE(review): whether distribution-backported fixes are recognised depends
# on mysql_check_rpms, which is not visible here. Verify before treating a
# finding on a vendor-patched package as confirmed.
mysql_check_rpms(
  mysql_packages:default_mysql_rpm_list_server_only,
  fix_ver:fix_version,
  exists_ver:exists_version,
  rhel_os_list:default_mysql_rhel_os_list,
  centos_os_list:default_mysql_centos_os_list,
  suse_os_list:default_mysql_suse_os_list,
  ala_os_list:default_mysql_ala_os_list,
  severity:SECURITY_HOLE
);
| Vendor | Product | Version | CPE |
| --- | --- | --- | --- |
| oracle | mysql | | cpe:/a:oracle:mysql |
| amazon | linux | mysql | p-cpe:/a:amazon:linux:mysql |
| centos | centos | mysql | p-cpe:/a:centos:centos:mysql |
| fedoraproject | fedora | mysql | p-cpe:/a:fedoraproject:fedora:mysql |
| fermilab | scientific_linux | mysql | p-cpe:/a:fermilab:scientific_linux:mysql |
| novell | opensuse | mysql | p-cpe:/a:novell:opensuse:mysql |
| novell | suse_linux | mysql | p-cpe:/a:novell:suse_linux:mysql |
| oracle | linux | mysql | p-cpe:/a:oracle:linux:mysql |
| redhat | enterprise_linux | mysql | p-cpe:/a:redhat:enterprise_linux:mysql |
