Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2008-2021 Tenable Network Security, Inc.SUSE_MYSQL-4879.NASL
HistoryFeb 05, 2008 - 12:00 a.m.

SuSE 10 Security Update : MySQL (ZYPP Patch Number 4879)

2008-02-0500:00:00
This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.
www.tenable.com
20

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.067 Low

EPSS

Percentile

93.9%

JSON

This update fixes several security vulnerabilities (note: not all versions are affected by every bug) :

  • CVE-2007-2583

  • CVE-2007-2691

  • CVE-2007-2692

  • CVE-2007-5925

  • CVE-2007-5969

  • CVE-2007-6303

  • CVE-2007-6304

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(30182);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-2583", "CVE-2007-2691", "CVE-2007-2692", "CVE-2007-5925", "CVE-2007-5969", "CVE-2007-6303", "CVE-2007-6304");

  script_name(english:"SuSE 10 Security Update : MySQL (ZYPP Patch Number 4879)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes several security vulnerabilities (note: not all
versions are affected by every bug) :

  - CVE-2007-2583

  - CVE-2007-2691

  - CVE-2007-2692

  - CVE-2007-5925

  - CVE-2007-5969

  - CVE-2007-6303

  - CVE-2007-6304"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-2583.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-2691.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-2692.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-5925.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-5969.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-6303.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-6304.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 4879.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");
  script_cwe_id(20, 189, 264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/01/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:1, reference:"mysql-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"mysql-client-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"mysql-devel-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"mysql-shared-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"mysql-shared-32bit-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"mysql-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"mysql-Max-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"mysql-client-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"mysql-devel-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"mysql-shared-5.0.26-12.16")) flag++;
if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"mysql-shared-32bit-5.0.26-12.16")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

Related

nessus 43
openvas 52
f5 2
gentoo 2
fedora 2
redhat 5
centos 2
altlinux 2
debian 3
ubuntu 5
osv 2
oraclelinux 3
seebug 2
slackware 1
securityvulns 7
veracode 6
cve 9
ubuntucve 7
cvelist 7
prion 9
nvd 9
freebsd 2
zdt 1
packetstorm 1
photon 1
nessus
nessus
openSUSE 10 Security Update : libmysqlclient-devel (libmysqlclient-devel-4873)
2008-02-05 00:00:00
SuSE9 Security Update : MySQL (YOU Patch Number 12044)
2009-09-24 00:00:00
Fedora 7 : mysql-5.0.45-6.fc7 (2007-4471)
2007-12-17 00:00:00
openvas
openvas
SLES9: Security update for MySQL
2009-10-10 00:00:00
SLES9: Security update for MySQL
2009-10-10 00:00:00
Fedora Update for mysql FEDORA-2007-4465
2009-02-27 00:00:00
f5
f5
K8178 : MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2013-03-18 00:00:00
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
2008-01-13 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2008-04-06 00:00:00
MySQL: Denial of service
2007-11-18 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8
2007-12-15 19:25:11
[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7
2007-12-15 19:25:51
redhat
redhat
(RHSA-2007:1157) Important: mysql security update
2007-12-19 00:00:00
(RHSA-2007:1155) Important: mysql security update
2007-12-18 00:00:00
(RHSA-2007:0894) Important: mysql security update
2007-09-10 00:00:00
centos
centos
mysql security update
2007-12-22 14:26:47
mysql security update
2007-12-18 20:47:57
altlinux
altlinux
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt1
2008-01-01 00:00:00
Security fix for the ALT Linux 5 package MySQL version 5.0.41-alt1
2007-05-28 00:00:00
debian
debian
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1413-1] New mysql packages fix multiple vulnerabilities
2007-11-26 17:20:12
[SECURITY] [DSA 1451-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
2008-01-06 18:04:18
ubuntu
ubuntu
MySQL vulnerabilities
2007-12-21 00:00:00
MySQL vulnerabilities
2007-10-11 00:00:00
MySQL regression
2008-04-02 00:00:00
osv
osv
mysql - multiple
2007-11-26 00:00:00
mysql-dfsg-5.0 several vulnerabilities
2008-01-06 00:00:00
oraclelinux
oraclelinux
Important: mysql security update
2007-12-18 00:00:00
mysql security and bug fix update
2008-05-30 00:00:00
mysql security, bug fix, and enhancement update
2008-08-01 00:00:00
seebug
seebug
MySQL Server权限提升及拒绝服务漏洞
2007-12-14 00:00:00
MySQL服务器RENAME TABLE系统表格覆盖漏洞
2007-12-13 00:00:00
slackware
slackware
[slackware-security] mysql
2007-12-15 02:03:51
securityvulns
securityvulns
MySQL multiple security vulnerabilities
2007-10-13 00:00:00
[email protected], [email protected]
2007-10-13 00:00:00
MySQL DoS
2007-11-19 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:22:25
Denial Of Service (DoS)
2020-04-10 00:22:25
Privilege Escalation
2020-04-10 00:25:17
cve
cve
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-2691
2007-05-16 01:19:00
CVE-2007-5969
2007-12-10 19:46:00
ubuntucve
ubuntucve
CVE-2007-5925
2007-11-10 00:00:00
CVE-2007-5969
2007-12-10 00:00:00
CVE-2007-6304
2007-12-10 00:00:00
cvelist
cvelist
CVE-2007-5925
2007-11-10 02:00:00
CVE-2007-5969
2007-12-10 19:00:00
CVE-2007-2691
2007-05-16 01:00:00
prion
prion
Design/Logic Flaw
2007-11-10 02:46:00
Code injection
2007-05-16 01:19:00
Design/Logic Flaw
2007-12-10 19:46:00
nvd
nvd
CVE-2007-5925
2007-11-10 02:46:00
CVE-2007-5969
2007-12-10 19:46:00
CVE-2007-2691
2007-05-16 01:19:00
freebsd
freebsd
mysql -- renaming of arbitrary tables by authenticated users
2007-05-14 00:00:00
mysql -- privilege escalation and overwrite of the system table information
2007-11-14 00:00:00
zdt
zdt
MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability
2013-12-05 00:00:00
packetstorm
packetstorm
MySQL 5.0.x Denial Of Service
2013-12-05 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0212
2019-03-05 00:00:00

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.067 Low

EPSS

Percentile

93.9%

JSON
Related for SUSE_MYSQL-4879.NASL
nessus43openvas52f52gentoo2fedora2redhat5centos2altlinux2debian3ubuntu5osv2oraclelinux3seebug2slackware1securityvulns7veracode6cve9ubuntucve7cvelist7prion9nvd9freebsd2zdt1packetstorm1photon1