Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_6_13.NASL
HistoryOct 16, 2013 - 12:00 a.m.

MySQL 5.6.x < 5.6.13 Multiple Vulnerabilities

2013-10-1600:00:00
This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
JSON

The version of MySQL installed on the remote host is 5.6.x older than 5.6.13. As such, it is reportedly affected by vulnerabilities in the following components :

  • InnoDB
  • Server Optimizer
  • Server Replication
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(70463);
  script_version("1.6");
  script_cvs_date("Date: 2018/11/15 20:50:21");

  script_cve_id(
    "CVE-2013-3839",
    "CVE-2013-5767",
    "CVE-2013-5786",
    "CVE-2013-5793",
    "CVE-2013-5807"
  );
  script_bugtraq_id(63105, 63107, 63109, 63113, 63116);

  script_name(english:"MySQL 5.6.x < 5.6.13 Multiple Vulnerabilities");
  script_summary(english:"Checks version of MySQL server");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server may be affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of MySQL installed on the remote host is 5.6.x older than
5.6.13.  As such, it is reportedly affected by vulnerabilities in the
following components :

  - InnoDB
  - Server Optimizer
  - Server Replication");
  script_set_attribute(attribute:"see_also", value:"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-13.html");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixMSQL
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f2d5fae1");
  script_set_attribute(attribute:"solution", value:"Upgrade to MySQL version 5.6.13 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/10/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl");
  script_require_keys("Settings/ParanoidReport");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}


include("mysql_version.inc");

mysql_check_version(fixed:'5.6.13', severity:SECURITY_WARNING, min:'5.6');
VendorProductVersionCPE
mysqlmysqlcpe:/a:mysql:mysql

Related

openvas 23
prion 5
cve 5
ubuntucve 5
nessus 19
fedora 3
ubuntu 1
mariadbunix 2
veracode 3
amazon 1
debian 3
gentoo 1
redhat 3
oraclelinux 1
centos 3
securityvulns 1
oracle 1
openvas
openvas
Oracle MySQL Multiple Unspecified vulnerabilities-34 (Jun 2016) - Linux
2016-06-07 00:00:00
Oracle MySQL Multiple Unspecified vulnerabilities-01 (Oct 2013) - Windows
2013-10-28 00:00:00
Ubuntu: Security Advisory (USN-2006-1)
2013-10-29 00:00:00
prion
prion
Design/Logic Flaw
2013-10-16 15:55:00
Design/Logic Flaw
2013-10-16 17:55:00
Buffer overflow
2013-10-16 15:55:00
cve
cve
CVE-2013-5793
2013-10-16 17:55:00
CVE-2013-5786
2013-10-16 15:55:00
CVE-2013-5807
2013-10-16 17:55:00
ubuntucve
ubuntucve
CVE-2013-5786
2013-10-16 00:00:00
CVE-2013-5793
2013-10-16 00:00:00
CVE-2013-5767
2013-10-16 00:00:00
nessus
nessus
Fedora 18 : mysql-5.5.34-1.fc18 (2013-19648)
2013-11-02 00:00:00
Fedora 20 : community-mysql-5.5.34-1.fc20 (2013-19601)
2013-11-11 00:00:00
MySQL 5.5 < 5.5.33 Multiple Vulnerabilities
2013-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: community-mysql-5.5.34-1.fc20
2013-11-10 07:48:08
[SECURITY] Fedora 19 Update: community-mysql-5.5.34-1.fc19
2013-11-02 04:52:00
[SECURITY] Fedora 18 Update: mysql-5.5.34-1.fc18
2013-11-02 04:56:50
ubuntu
ubuntu
MySQL vulnerabilities
2013-10-24 00:00:00
mariadbunix
mariadbunix
CVE-2013-5807
2013-10-16 17:55:00
CVE-2013-3839
2013-10-16 15:55:00
veracode
veracode
Authorization Bypass
2019-01-15 08:57:09
Improper Access Control
2019-05-02 04:57:29
Denial Of Service (DoS)
2019-05-16 01:23:04
amazon
amazon
Low: mysql51
2013-11-03 12:08:00
debian
debian
[SECURITY] [DSA 2780-1] mysql-5.1 security update
2013-10-18 13:51:23
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:48
[SECURITY] [DSA 2818-1] mysql-5.5 security update
2013-12-16 15:57:29
gentoo
gentoo
MySQL: Multiple vulnerabilities
2014-09-04 00:00:00
redhat
redhat
(RHSA-2014:0189) Moderate: mariadb55-mariadb security update
2014-02-19 00:00:00
(RHSA-2014:0186) Moderate: mysql55-mysql security update
2014-02-18 00:00:00
(RHSA-2014:0173) Moderate: mysql55-mysql security update
2014-02-13 00:00:00
oraclelinux
oraclelinux
mysql55-mysql security update
2014-02-18 00:00:00
centos
centos
mysql55 security update
2014-02-19 17:28:37
mariadb55 security update
2014-02-26 15:32:19
mysql55 security update
2014-02-19 13:53:22
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-12-09 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
JSON
Related for MYSQL_5_6_13.NASL
openvas23prion5cve5ubuntucve5nessus19fedora3ubuntu1mariadbunix2veracode3amazon1debian3gentoo1redhat3oraclelinux1centos3securityvulns1oracle1