Linux Distros Unpatched Vulnerability : CVE-2017-3305

🗓️ 18 Aug 2025 00:00:00Reported by TenableType

CVE-2017-3305 unpatched Linux MySQL Server C API; affected 5.5.55, 5.6.35; remote access to data.

Reporter	Title	Published	Views	Family All 55
CNVD	MySQL Man-in-the-Middle Security Bypass Vulnerability	27 Mar 201700:00	–	cnvd
CVE	CVE-2017-3305	24 Apr 201719:00	–	cve
Cvelist	CVE-2017-3305	24 Apr 201719:00	–	cvelist
FreeBSD	MySQL -- multiple vulnerabilities	19 Apr 201700:00	–	freebsd
Debian	[SECURITY] [DLA 916-1] mysql-5.5 security update	25 Apr 201720:47	–	debian
Debian	[SECURITY] [DSA 3834-1] mysql-5.5 security update	25 Apr 201715:15	–	debian
Debian	[SECURITY] [DSA 3834-1] mysql-5.5 security update	25 Apr 201715:15	–	debian
Tenable Nessus	Debian DLA-916-1 : mysql-5.5 security update (Riddle)	26 Apr 201700:00	–	nessus
Tenable Nessus	Debian DSA-3834-1 : mysql-5.5 - security update (Riddle)	26 Apr 201700:00	–	nessus
Tenable Nessus	FreeBSD : MySQL -- multiple vulnerabilities (d9e01c35-2531-11e7-b291-b499baebfeaf) (Riddle)	20 Apr 201700:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/security/CVE-2017-3305
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(251439);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/18");

  script_cve_id("CVE-2017-3305");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2017-3305");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported
    versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit
    vulnerability allows low privileged attacker with network access via multiple protocols to compromise
    MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data
    or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts).
    CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the
    April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle
    attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter
    verification in a client, aka, The Riddle. (CVE-2017-3305)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2017-3305");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-3305");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:percona-server-5.6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:percona-xtradb-cluster-5.6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Ubuntu Linux-16.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "percona-server-5.6"},
          {"reference": "percona-xtradb-cluster-5.6"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

18 Aug 2025 00:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS 35.3

CVSS 26.3

EPSS0.00105

SSVC