A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon.
(CVE-2012-5611)
After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(63192);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2012-5611");
script_name(english:"Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20121207)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"A stack-based buffer overflow flaw was found in the user permission
checking code in MySQL. An authenticated database user could use this
flaw to crash the mysqld daemon or, potentially, execute arbitrary
code with the privileges of the user running the mysqld daemon.
(CVE-2012-5611)
After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1212&L=scientific-linux-errata&T=0&P=557
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?4b1dc346"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-bench");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-embedded");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-embedded-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mysql-test");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/03");
script_set_attribute(attribute:"patch_publication_date", value:"2012/12/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/09");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL6", reference:"mysql-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-bench-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-debuginfo-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-devel-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-embedded-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-embedded-devel-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-libs-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-server-5.1.66-2.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"mysql-test-5.1.66-2.el6_3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mysql / mysql-bench / mysql-debuginfo / mysql-devel / etc");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fermilab | scientific_linux | mysql | p-cpe:/a:fermilab:scientific_linux:mysql |
fermilab | scientific_linux | mysql-bench | p-cpe:/a:fermilab:scientific_linux:mysql-bench |
fermilab | scientific_linux | mysql-debuginfo | p-cpe:/a:fermilab:scientific_linux:mysql-debuginfo |
fermilab | scientific_linux | mysql-devel | p-cpe:/a:fermilab:scientific_linux:mysql-devel |
fermilab | scientific_linux | mysql-embedded | p-cpe:/a:fermilab:scientific_linux:mysql-embedded |
fermilab | scientific_linux | mysql-embedded-devel | p-cpe:/a:fermilab:scientific_linux:mysql-embedded-devel |
fermilab | scientific_linux | mysql-libs | p-cpe:/a:fermilab:scientific_linux:mysql-libs |
fermilab | scientific_linux | mysql-server | p-cpe:/a:fermilab:scientific_linux:mysql-server |
fermilab | scientific_linux | mysql-test | p-cpe:/a:fermilab:scientific_linux:mysql-test |
fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |