Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20160404_MARIADB_ON_SL7_X.NASL
HistoryApr 05, 2016 - 12:00 a.m.

Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)

2016-04-0500:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
JSON

Security Fix(es) :

  • It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047)

(CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0616)

Bug Fix(es) :

  • When more than one INSERT operation was executed concurrently on a non- empty InnoDB table with an AUTO_INCREMENT column defined as a primary key immediately after starting MariaDB, a race condition could occur. As a consequence, one of the concurrent INSERT operations failed with a ‘Duplicate key’ error message. A patch has been applied to prevent the race condition. Now, each row inserted as a result of the concurrent INSERT operations receives a unique primary key, and the operations no longer fail in this scenario.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(90345);
  script_version("2.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2015-4792", "CVE-2015-4802", "CVE-2015-4815", "CVE-2015-4816", "CVE-2015-4819", "CVE-2015-4826", "CVE-2015-4830", "CVE-2015-4836", "CVE-2015-4858", "CVE-2015-4861", "CVE-2015-4870", "CVE-2015-4879", "CVE-2015-4913", "CVE-2016-0505", "CVE-2016-0546", "CVE-2016-0596", "CVE-2016-0597", "CVE-2016-0598", "CVE-2016-0600", "CVE-2016-0606", "CVE-2016-0608", "CVE-2016-0609", "CVE-2016-0616", "CVE-2016-2047");

  script_name(english:"Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security Fix(es) :

  - It was found that the MariaDB client library did not
    properly check host names against server identities
    noted in the X.509 certificates when establishing secure
    connections using TLS/SSL. A man-in-the-middle attacker
    could possibly use this flaw to impersonate a server to
    a client. (CVE-2016-2047)

(CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816,
CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836,
CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879,
CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596,
CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606,
CVE-2016-0608, CVE-2016-0609, CVE-2016-0616)

Bug Fix(es) :

  - When more than one INSERT operation was executed
    concurrently on a non- empty InnoDB table with an
    AUTO_INCREMENT column defined as a primary key
    immediately after starting MariaDB, a race condition
    could occur. As a consequence, one of the concurrent
    INSERT operations failed with a 'Duplicate key' error
    message. A patch has been applied to prevent the race
    condition. Now, each row inserted as a result of the
    concurrent INSERT operations receives a unique primary
    key, and the operations no longer fail in this scenario."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1604&L=scientific-linux-errata&F=&S=&P=426
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?2618662d"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:mariadb-test");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/04/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/05");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);


flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-bench-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-debuginfo-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-devel-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-embedded-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-embedded-devel-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-libs-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-server-5.5.47-1.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"mariadb-test-5.5.47-1.el7_2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb / mariadb-bench / mariadb-debuginfo / mariadb-devel / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxmariadbp-cpe:/a:fermilab:scientific_linux:mariadb
fermilabscientific_linuxmariadb-benchp-cpe:/a:fermilab:scientific_linux:mariadb-bench
fermilabscientific_linuxmariadb-debuginfop-cpe:/a:fermilab:scientific_linux:mariadb-debuginfo
fermilabscientific_linuxmariadb-develp-cpe:/a:fermilab:scientific_linux:mariadb-devel
fermilabscientific_linuxmariadb-embeddedp-cpe:/a:fermilab:scientific_linux:mariadb-embedded
fermilabscientific_linuxmariadb-embedded-develp-cpe:/a:fermilab:scientific_linux:mariadb-embedded-devel
fermilabscientific_linuxmariadb-libsp-cpe:/a:fermilab:scientific_linux:mariadb-libs
fermilabscientific_linuxmariadb-serverp-cpe:/a:fermilab:scientific_linux:mariadb-server
fermilabscientific_linuxmariadb-testp-cpe:/a:fermilab:scientific_linux:mariadb-test
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

References

Related

oraclelinux 1
openvas 43
redhat 6
nessus 56
debian 9
centos 1
archlinux 1
mageia 1
kaspersky 1
suse 9
freebsd 1
f5 3
fedora 4
ubuntu 2
ibm 2
osv 1
symantec 1
amazon 2
cvelist 9
prion 7
ubuntucve 9
cve 10
mariadbunix 9
veracode 7
zdt 1
exploitpack 1
checkpoint_advisories 1
packetstorm 1
oraclelinux
oraclelinux
mariadb security and bug fix update
2016-03-31 00:00:00
openvas
openvas
RedHat Update for mariadb RHSA-2016:0534-01
2016-04-02 00:00:00
CentOS Update for mariadb CESA-2016:0534 centos7
2016-04-11 00:00:00
Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2016-1011)
2020-01-23 00:00:00
redhat
redhat
(RHSA-2016:22610) Moderate: mariadb security and bug fix update
2016-02-03 05:00:00
(RHSA-2016:0534) Moderate: mariadb security and bug fix update
2016-03-31 14:15:24
(RHSA-2016:1481) Moderate: mariadb55-mariadb security update
2016-07-25 07:45:27
nessus
nessus
EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1011)
2017-05-01 00:00:00
Oracle Linux 7 : mariadb (ELSA-2016-0534)
2016-04-01 00:00:00
Debian DSA-3377-1 : mysql-5.5 - security update
2015-10-26 00:00:00
debian
debian
[SECURITY] [DSA 3377-1] mysql-5.5 security update
2015-10-24 08:06:52
[SECURITY] [DSA 3377-1] mysql-5.5 security update
2015-10-24 08:07:10
[SECURITY] [DSA 3385-1] mariadb-10.0 security update
2015-10-31 08:23:38
centos
centos
mariadb security update
2016-03-31 20:53:35
archlinux
archlinux
mariadb: denial of service
2015-10-30 00:00:00
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2015-11-17 00:36:58
kaspersky
kaspersky
KLA10749 Multiple vulnerabilities in MariaDB
2016-01-27 00:00:00
suse
suse
Security update to MariaDB 10.0.22 (important)
2015-12-10 12:13:12
Security update to MariaDB 5.5.46 (important)
2015-12-10 13:10:14
Security update to MySQL 5.6.27 (important)
2015-12-10 12:12:21
freebsd
freebsd
MySQL - Multiple vulnerabilities
2015-11-10 00:00:00
f5
f5
K77508618 : Multiple Oracle MySQL vulnerabilities
2017-05-06 00:00:00
SOL59010802 - Multiple MySQL vulnerabilities
2015-12-15 00:00:00
K59010802 : Multiple MySQL vulnerabilities
2015-12-15 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mariadb-10.0.23-1.fc22
2016-03-05 22:51:47
[SECURITY] Fedora 23 Update: mariadb-10.0.23-1.fc23
2016-02-21 16:34:44
[SECURITY] Fedora 22 Update: community-mysql-5.6.29-1.fc22
2016-03-09 20:17:15
ubuntu
ubuntu
MySQL vulnerabilities
2016-01-26 00:00:00
MySQL vulnerabilities
2015-10-26 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by OpenSource Oracle MySQL Vulnerability (multiple CVEs)
2018-06-16 21:40:13
Security Bulletin: Multiple vulnerabilities in OpenSource Oracle Mysql affect IBM Security Guardium Database Activity Monitor
2018-06-16 21:38:45
osv
osv
mysql-5.5 packages as an option announcement
2015-12-16 00:00:00
symantec
symantec
SA106 : MySQL Vulnerabilities October 2015
2015-12-17 08:00:00
amazon
amazon
Important: mysql56
2016-04-06 14:40:00
Important: mysql55
2016-08-17 13:30:00
cvelist
cvelist
CVE-2015-4792
2015-10-21 21:00:00
CVE-2015-4802
2015-10-21 21:00:00
CVE-2015-4858
2015-10-21 23:00:00
prion
prion
Design/Logic Flaw
2015-10-21 21:59:00
Design/Logic Flaw
2015-10-22 00:00:00
Design/Logic Flaw
2015-10-21 21:59:00
ubuntucve
ubuntucve
CVE-2015-4802
2015-10-21 00:00:00
CVE-2015-4792
2015-10-21 00:00:00
CVE-2015-4858
2015-10-21 00:00:00
cve
cve
CVE-2015-4802
2015-10-21 21:59:00
CVE-2015-4792
2015-10-21 21:59:00
CVE-2015-4858
2015-10-21 23:59:00
mariadbunix
mariadbunix
CVE-2015-4802
2015-10-21 21:59:00
CVE-2015-4792
2015-10-21 21:59:00
CVE-2015-4858
2015-10-21 23:59:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:29:17
Denial Of Service (DoS)
2019-05-02 05:34:17
Privilege Escalation
2019-05-02 05:29:17
zdt
zdt
MySQL 5.5.45 - procedure analyse Function Denial of Service
2016-05-30 00:00:00
exploitpack
exploitpack
MySQL 5.5.45 - procedure analyse Function Denial of Service
2016-05-30 00:00:00
checkpoint_advisories
checkpoint_advisories
MySQL Failed Memory Allocation Denial of Service (CVE-2015-4870)
2016-06-08 00:00:00
packetstorm
packetstorm
MySQL Procedure Analyse Denial Of Service
2016-05-28 00:00:00
JSON
Related for SL_20160404_MARIADB_ON_SL7_X.NASL
oraclelinux1openvas43redhat6nessus56debian9centos1archlinux1mageia1kaspersky1suse9freebsd1f53fedora4ubuntu2ibm2osv1symantec1amazon2cvelist9prion7ubuntucve9cve10mariadbunix9veracode7zdt1exploitpack1checkpoint_advisories1packetstorm1