Search...

MySQL debian.cnf Plaintext Credential Disclosure

2014-01-08T00:00:00

ID MYSQL_INSECURE_CRED_FILE.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-02T00:00:00

Description

The version of MySQL installed on the remote host is 5.5.x prior to 5.5.33. It is, therefore, potentially affected by a race condition in the post-installation script of the MySQL server package (mysql-server-5.5.postinst) that creates the configuration file '/etc/mysql/debian.cnf' with world-readable permissions before restricting the permissions. This allows local users to read the file and obtain credentials for the privileged 'debian-sys-maint' user.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(71862);
  script_version("1.5");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2013-2162");
  script_bugtraq_id(60424);
  script_xref(name:"DSA", value:"2818");
  script_xref(name:"USN", value:"1909-1");

  script_name(english:"MySQL debian.cnf Plaintext Credential Disclosure");
  script_summary(english:"Checks version of MySQL server");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server may be affected by an information disclosure
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of MySQL installed on the remote host is 5.5.x prior to
5.5.33.  It is, therefore, potentially affected by a race condition in
the post-installation script of the MySQL server package
(mysql-server-5.5.postinst) that creates the configuration file
'/etc/mysql/debian.cnf' with world-readable permissions before
restricting the permissions.  This allows local users to read the file
and obtain credentials for the privileged 'debian-sys-maint' user.");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711600");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-2162");
  script_set_attribute(attribute:"see_also", value:"https://seclists.org/oss-sec/2013/q2/519");
  script_set_attribute(attribute:"solution", value:
"Upgrade the MySQL server package to 5.5.33 or later on Debian / 5.5.32
or later on Ubuntu.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-2162");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/12/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/08");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mysql:mysql");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("mysql_version.nasl", "mysql_login.nasl", "os_fingerprint.nasl");
  script_require_keys("Settings/PCI_DSS");
  script_require_ports("Services/mysql", 3306);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("mysql_version.inc");

if (!get_kb_item("Settings/PCI_DSS")) audit(AUDIT_PCI);

os = get_kb_item_or_exit("Host/OS");
if ("ubuntu" &gt;&lt; tolower(os)) fixed_ver = "5.5.32";
else if ("debian" &gt;&lt; tolower(os)) fixed_ver = "5.5.33";
else audit(AUDIT_OS_NOT, "Debian or Ubuntu");

mysql_check_version(fixed:fixed_ver, min:'5.5', severity:SECURITY_NOTE);

JSON Vulners Source

Initial Source

{"id": "MYSQL_INSECURE_CRED_FILE.NASL", "bulletinFamily": "scanner", "title": "MySQL debian.cnf Plaintext Credential Disclosure", "description": "The version of MySQL installed on the remote host is 5.5.x prior to\n5.5.33. It is, therefore, potentially affected by a race condition in\nthe post-installation script of the MySQL server package\n(mysql-server-5.5.postinst) that creates the configuration file\n'/etc/mysql/debian.cnf' with world-readable permissions before\nrestricting the permissions. This allows local users to read the file\nand obtain credentials for the privileged 'debian-sys-maint' user.", "published": "2014-01-08T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/71862", "reporter": "This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711600", "https://seclists.org/oss-sec/2013/q2/519", "https://security-tracker.debian.org/tracker/CVE-2013-2162"], "cvelist": ["CVE-2013-2162"], "type": "nessus", "lastseen": "2021-01-01T03:54:49", "edition": 27, "viewCount": 22, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-2162"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1909-1.NASL", "DEBIAN_DSA-2818.NASL", "DEBIAN_DLA-75.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-75-1:76BDC", "DEBIAN:DSA-2818-1:46F35"]}, {"type": "ubuntu", "idList": ["USN-1909-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841524", "OPENVAS:1361412562310702818", "OPENVAS:702818", "OPENVAS:841524"]}], "modified": "2021-01-01T03:54:49", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-01-01T03:54:49", "rev": 2}, "vulnersScore": 5.2}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71862);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/26\");\n\n script_cve_id(\"CVE-2013-2162\");\n script_bugtraq_id(60424);\n script_xref(name:\"DSA\", value:\"2818\");\n script_xref(name:\"USN\", value:\"1909-1\");\n\n script_name(english:\"MySQL debian.cnf Plaintext Credential Disclosure\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server may be affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL installed on the remote host is 5.5.x prior to\n5.5.33. It is, therefore, potentially affected by a race condition in\nthe post-installation script of the MySQL server package\n(mysql-server-5.5.postinst) that creates the configuration file\n'/etc/mysql/debian.cnf' with world-readable permissions before\nrestricting the permissions. This allows local users to read the file\nand obtain credentials for the privileged 'debian-sys-maint' user.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-2162\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/oss-sec/2013/q2/519\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the MySQL server package to 5.5.33 or later on Debian / 5.5.32\nor later on Ubuntu.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-2162\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"os_fingerprint.nasl\");\n script_require_keys(\"Settings/PCI_DSS\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"mysql_version.inc\");\n\nif (!get_kb_item(\"Settings/PCI_DSS\")) audit(AUDIT_PCI);\n\nos = get_kb_item_or_exit(\"Host/OS\");\nif (\"ubuntu\" >< tolower(os)) fixed_ver = \"5.5.32\";\nelse if (\"debian\" >< tolower(os)) fixed_ver = \"5.5.33\";\nelse audit(AUDIT_OS_NOT, \"Debian or Ubuntu\");\n\nmysql_check_version(fixed:fixed_ver, min:'5.5', severity:SECURITY_NOTE);\n", "naslFamily": "Databases", "pluginID": "71862", "cpe": ["cpe:/a:mysql:mysql"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:45:59", "description": "Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as credentials.", "edition": 3, "cvss3": {}, "published": "2013-08-19T13:07:00", "title": "CVE-2013-2162", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2162"], "modified": "2014-01-14T04:24:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "CVE-2013-2162", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2162", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-12T09:44:09", "description": "CVE-2014-4274\n\nInsecure handling of a temporary file that could lead to abritrary\nexecution of code through the creation of a mysql configuration file\npointing to an attacker-controlled plugin_dir.\n\nCVE-2013-2162\n\nInsecure creation of the debian.cnf credential file. Credentials could\nbe stolen by a local user monitoring that file while the package gets\ninstalled.\n\nCVE-2014-0001\n\nBuffer overrun in the MySQL client when the server sends a version\nstring that is too big for the allocated buffer.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 14, "published": "2015-03-26T00:00:00", "title": "Debian DLA-75-1 : mysql-5.1 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2162", "CVE-2014-4274", "CVE-2014-0001"], "modified": "2015-03-26T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libmysqld-dev", "p-cpe:/a:debian:debian_linux:libmysqld-pic", "p-cpe:/a:debian:debian_linux:mysql-common", "p-cpe:/a:debian:debian_linux:mysql-server", "p-cpe:/a:debian:debian_linux:mysql-server-5.1", "p-cpe:/a:debian:debian_linux:mysql-server-core-5.1", "p-cpe:/a:debian:debian_linux:mysql-client-5.1", "p-cpe:/a:debian:debian_linux:libmysqlclient-dev", "p-cpe:/a:debian:debian_linux:libmysqlclient16", "p-cpe:/a:debian:debian_linux:mysql-client"], "id": "DEBIAN_DLA-75.NASL", "href": "https://www.tenable.com/plugins/nessus/82220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-75-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82220);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2162\", \"CVE-2014-0001\", \"CVE-2014-4274\");\n script_bugtraq_id(60424, 65298, 69732);\n\n script_name(english:\"Debian DLA-75-1 : mysql-5.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-4274\n\nInsecure handling of a temporary file that could lead to abritrary\nexecution of code through the creation of a mysql configuration file\npointing to an attacker-controlled plugin_dir.\n\nCVE-2013-2162\n\nInsecure creation of the debian.cnf credential file. Credentials could\nbe stolen by a local user monitoring that file while the package gets\ninstalled.\n\nCVE-2014-0001\n\nBuffer overrun in the MySQL client when the server sends a version\nstring that is too big for the allocated buffer.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/10/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/mysql-5.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmysqlclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmysqld-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmysqld-pic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-client-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-server-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-server-core-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient-dev\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient16\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-dev\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-pic\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client-5.1\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-common\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-5.1\", reference:\"5.1.73-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-core-5.1\", reference:\"5.1.73-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:39:43", "description": "Multiple security issues were discovered in MySQL and this update\nincludes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04\nLTS, Ubuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-70.html\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\nhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.\nhtml.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2013-07-26T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1909-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.5", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:13.04", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.1", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/69073", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1909-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69073);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\", \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\");\n script_bugtraq_id(58511, 60424, 61210, 61244, 61249, 61260, 61264, 61272);\n script_xref(name:\"USN\", value:\"1909-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1909-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were discovered in MySQL and this update\nincludes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04\nLTS, Ubuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-70.html\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\nhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.\nhtml.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1909-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected mysql-server-5.1 and / or mysql-server-5.5\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.70-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"mysql-server-5.5\", pkgver:\"5.5.32-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"mysql-server-5.5\", pkgver:\"5.5.32-0ubuntu0.12.10.1\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"mysql-server-5.5\", pkgver:\"5.5.32-0ubuntu0.13.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql-server-5.1 / mysql-server-5.5\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:48:16", "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as\nperformance improvements, bug fixes, new features, and possibly\nincompatible changes. Please see the MySQL 5.5 Release Notes for\nfurther details :\n\n -\n http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-\n 32.html\n -\n http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-\n 33.html\n\nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package :\n\nA race condition in the post-installation script of the\nmysql-server-5.5 package creates the configuration file\n'/etc/mysql/debian.cnf' with world-readable permissions before\nrestricting the permissions, which allows local users to read the file\nand obtain sensitive information such as credentials for the\ndebian-sys-maint to perform administration tasks. (CVE-2013-2162 )\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database 'test' and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the 'test' database and any databases starting\nwith'test_'. This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to\nthe NEWS file provided with this update for further information.", "edition": 18, "published": "2013-12-17T00:00:00", "title": "Debian DSA-2818-1 : mysql-5.5 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3839", "CVE-2013-5807", "CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "modified": "2013-12-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mysql-5.5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2818.NASL", "href": "https://www.tenable.com/plugins/nessus/71474", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2818. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71474);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\", \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\", \"CVE-2013-3839\", \"CVE-2013-5807\");\n script_bugtraq_id(58511, 60424, 61210, 61244, 61249, 61260, 61264, 61272, 63105, 63109);\n script_xref(name:\"DSA\", value:\"2818\");\n\n script_name(english:\"Debian DSA-2818-1 : mysql-5.5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as\nperformance improvements, bug fixes, new features, and possibly\nincompatible changes. Please see the MySQL 5.5 Release Notes for\nfurther details :\n\n -\n http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-\n 32.html\n -\n http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-\n 33.html\n\nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package :\n\nA race condition in the post-installation script of the\nmysql-server-5.5 package creates the configuration file\n'/etc/mysql/debian.cnf' with world-readable permissions before\nrestricting the permissions, which allows local users to read the file\nand obtain sensitive information such as credentials for the\ndebian-sys-maint to perform administration tasks. (CVE-2013-2162 )\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database 'test' and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the 'test' database and any databases starting\nwith'test_'. This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to\nthe NEWS file provided with this update for further information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732306\"\n );\n # http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\"\n );\n # http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/mysql-5.5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2818\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mysql-5.5 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.5.33+dfsg-0+wheezy1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libmysqlclient-dev\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmysqlclient18\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmysqld-dev\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmysqld-pic\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-client\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-client-5.5\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-common\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-server\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-server-5.5\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-server-core-5.5\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-source-5.5\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mysql-testsuite-5.5\", reference:\"5.5.33+dfsg-0+wheezy1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:19:23", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2162", "CVE-2014-4274", "CVE-2014-0001"], "description": "Package : mysql-5.1\nVersion : 5.1.73-1+deb6u1\nCVE ID : CVE-2013-2162 CVE-2014-0001 CVE-2014-4274\n\nThis update fixes one important vulnerability (CVE-2014-4274) and batches\ntogether two other minor fixes (CVE-2013-2162, CVE-2014-0001).\n\nCVE-2014-4274\n\n Insecure handling of a temporary file that could lead to abritrary\n execution of code through the creation of a mysql configuration file\n pointing to an attacker-controlled plugin_dir.\n\nCVE-2013-2162\n\n Insecure creation of the debian.cnf credential file. Credentials could\n be stolen by a local user monitoring that file while the package gets\n installed.\n\nCVE-2014-0001\n\n Buffer overrun in the MySQL client when the server sends a version\n string that is too big for the allocated buffer.\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: http://www.freexian.com/services/debian-lts.html\nLearn to master Debian: http://debian-handbook.info/get/\n", "edition": 7, "modified": "2014-10-22T06:46:51", "published": "2014-10-22T06:46:51", "id": "DEBIAN:DLA-75-1:76BDC", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201410/msg00008.html", "title": "[SECURITY] [DLA 75-1] mysql-5.1 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:18", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3839", "CVE-2013-5807", "CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2818-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nDecember 16, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mysql-5.5\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-1861 CVE-2013-2162 CVE-2013-3783 CVE-2013-3793 \n CVE-2013-3802 CVE-2013-3804 CVE-2013-3809 CVE-2013-3812\n CVE-2013-3839 CVE-2013-5807\nDebian Bug : 711600 732306\n\nSeveral issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as performance\nimprovements, bug fixes, new features, and possibly incompatible\nchanges. Please see the MySQL 5.5 Release Notes for further details:\n\n http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html\n\nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package:\n\nA race condition in the post-installation script of the mysql-server-5.5\npackage creates the configuration file "/etc/mysql/debian.cnf" with\nworld-readable permissions before restricting the permissions, which\nallows local users to read the file and obtain sensitive information\nsuch as credentials for the debian-sys-maint to perform\nadministration tasks. (CVE-2013-2162)\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database "test" and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the "test" database and any databases starting with\n"test_". This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to the\nNEWS file provided with this update for further information.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.5.33+dfsg-0+wheezy1.\n\nFor the unstable distribution (sid), the Debian specific problems will\nbe fixed soon.\n\nWe recommend that you upgrade your mysql-5.5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2013-12-16T15:57:48", "published": "2013-12-16T15:57:48", "id": "DEBIAN:DSA-2818-1:46F35", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00232.html", "title": "[SECURITY] [DSA 2818-1] mysql-5.5 security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:34:21", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "Multiple security issues were discovered in MySQL and this update includes \nnew upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, \nUbuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32.\n\nIn addition to security fixes, the updated packages contain bug fixes, \nnew features, and possibly incompatible changes.\n\nPlease see the following for more information: \n<http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-70.html> \n<http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html> \n<http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html>", "edition": 5, "modified": "2013-07-25T00:00:00", "published": "2013-07-25T00:00:00", "id": "USN-1909-1", "href": "https://ubuntu.com/security/notices/USN-1909-1", "title": "MySQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2018-01-24T11:09:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "Check for the Version of mysql-5.5", "modified": "2018-01-24T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:841524", "href": "http://plugins.openvas.org/nasl.php?oid=841524", "type": "openvas", "title": "Ubuntu Update for mysql-5.5 USN-1909-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1909_1.nasl 8509 2018-01-24 06:57:46Z teissa $\n#\n# Ubuntu Update for mysql-5.5 USN-1909-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841524);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:47:45 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\",\n \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu Update for mysql-5.5 USN-1909-1\");\n\n tag_insight = \"Multiple security issues were discovered in MySQL and this update includes\nnew upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-70.html\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\nhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\";\n\n tag_affected = \"mysql-5.5 on Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"1909-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1909-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql-5.5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.70-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.13.04.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-08-08T00:00:00", "id": "OPENVAS:1361412562310841524", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841524", "type": "openvas", "title": "Ubuntu Update for mysql-5.5 USN-1909-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1909_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for mysql-5.5 USN-1909-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841524\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-08 11:47:45 +0530 (Thu, 08 Aug 2013)\");\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\",\n \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu Update for mysql-5.5 USN-1909-1\");\n\n script_tag(name:\"affected\", value:\"mysql-5.5 on Ubuntu 13.04,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered in MySQL and this update includes\nnew upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS,\nUbuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-70.html\");\n script_xref(name:\"URL\", value:\"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html\");\n\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"1909-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1909-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mysql-5.5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|10\\.04 LTS|12\\.10|13\\.04)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.70-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.32-0ubuntu0.13.04.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3839", "CVE-2013-5807", "CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as performance\nimprovements, bug fixes, new features, and possibly incompatible\nchanges.\n\nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package:\n\nA race condition in the post-installation script of the mysql-server-5.5\npackage creates the configuration file /etc/mysql/debian.cnf with\nworld-readable permissions before restricting the permissions, which\nallows local users to read the file and obtain sensitive information\nsuch as credentials for the debian-sys-maint to perform\nadministration tasks.\n(CVE-2013-2162\n)\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian", "modified": "2019-03-18T00:00:00", "published": "2013-12-16T00:00:00", "id": "OPENVAS:1361412562310702818", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702818", "type": "openvas", "title": "Debian Security Advisory DSA 2818-1 (mysql-5.5 - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2818.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2818-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702818\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\", \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\", \"CVE-2013-3839\", \"CVE-2013-5807\");\n script_name(\"Debian Security Advisory DSA 2818-1 (mysql-5.5 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-16 00:00:00 +0100 (Mon, 16 Dec 2013)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2818.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"mysql-5.5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.5.33+dfsg-0+wheezy1.\n\nFor the unstable distribution (sid), the Debian specific problems will\nbe fixed soon.\n\nWe recommend that you upgrade your mysql-5.5 packages.\");\n script_tag(name:\"summary\", value:\"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as performance\nimprovements, bug fixes, new features, and possibly incompatible\nchanges.\n\nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package:\n\nA race condition in the post-installation script of the mysql-server-5.5\npackage creates the configuration file /etc/mysql/debian.cnf with\nworld-readable permissions before restricting the permissions, which\nallows local users to read the file and obtain sensitive information\nsuch as credentials for the debian-sys-maint to perform\nadministration tasks.\n(CVE-2013-2162\n)\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database test and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the test database and any databases starting with\ntest_\n. This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to the\nNEWS file provided with this update for further information.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqlclient18\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-core-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-source-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-testsuite-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3839", "CVE-2013-5807", "CVE-2013-3809", "CVE-2013-3783", "CVE-2013-1861", "CVE-2013-2162", "CVE-2013-3812", "CVE-2013-3804", "CVE-2013-3802", "CVE-2013-3793"], "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as performance\nimprovements, bug fixes, new features, and possibly incompatible\nchanges. Please see the MySQL 5.5 Release Notes for further details:\n\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.htmlhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html \nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package:\n\nA race condition in the post-installation script of the mysql-server-5.5\npackage creates the configuration file /etc/mysql/debian.cnf with\nworld-readable permissions before restricting the permissions, which\nallows local users to read the file and obtain sensitive information\nsuch as credentials for the debian-sys-maint to perform\nadministration tasks.\n(CVE-2013-2162 \n)\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database test and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the test database and any databases starting with\ntest_ \n. This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to the\nNEWS file provided with this update for further information.", "modified": "2017-07-07T00:00:00", "published": "2013-12-16T00:00:00", "id": "OPENVAS:702818", "href": "http://plugins.openvas.org/nasl.php?oid=702818", "type": "openvas", "title": "Debian Security Advisory DSA 2818-1 (mysql-5.5 - several vulnerabilities)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2818.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2818-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mysql-5.5 on Debian Linux\";\ntag_insight = \"MySQL is a fast, stable and true multi-user, multi-threaded SQL database\nserver.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.5.33+dfsg-0+wheezy1.\n\nFor the unstable distribution (sid), the Debian specific problems will\nbe fixed soon.\n\nWe recommend that you upgrade your mysql-5.5 packages.\";\ntag_summary = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.5.33, which includes additional changes, such as performance\nimprovements, bug fixes, new features, and possibly incompatible\nchanges. Please see the MySQL 5.5 Release Notes for further details:\n\nhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-32.htmlhttp://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-33.html \nIn addition this update fixes two issues affecting specifically the\nmysql-5.5 Debian package:\n\nA race condition in the post-installation script of the mysql-server-5.5\npackage creates the configuration file /etc/mysql/debian.cnf with\nworld-readable permissions before restricting the permissions, which\nallows local users to read the file and obtain sensitive information\nsuch as credentials for the debian-sys-maint to perform\nadministration tasks.\n(CVE-2013-2162 \n)\n\nMatthias Reichl reported that the mysql-5.5 package misses the patches\napplied previous in Debian's mysql-5.1 to drop the database test and\nthe permissions that allow anonymous access, without a password, from\nlocalhost to the test database and any databases starting with\ntest_ \n. This update reintroduces these patches for the mysql-5.5\npackage.\n\nExisting databases and permissions are not touched. Please refer to the\nNEWS file provided with this update for further information.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702818);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-1861\", \"CVE-2013-2162\", \"CVE-2013-3783\", \"CVE-2013-3793\", \"CVE-2013-3802\", \"CVE-2013-3804\", \"CVE-2013-3809\", \"CVE-2013-3812\", \"CVE-2013-3839\", \"CVE-2013-5807\");\n script_name(\"Debian Security Advisory DSA 2818-1 (mysql-5.5 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-12-16 00:00:00 +0100 (Mon, 16 Dec 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2818.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient18\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-core-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-source-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-testsuite-5.5\", ver:\"5.5.33+dfsg-0+wheezy1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}