Lucene search
Copyright (C) 2015 Greenbone Networks GmbHOPENVAS:1361412562310120297HistorySep 08, 2015 - 12:00 a.m.
Amazon Linux: Security Advisory (ALAS-2012-92)
2015-09-0800:00:00
Copyright (C) 2015 Greenbone Networks GmbH
plugins.openvas.org
14
5.5 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.8%
The remote host is missing an update for the
# Copyright (C) 2015 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.120297");
script_cve_id("CVE-2012-2102");
script_tag(name:"creation_date", value:"2015-09-08 11:23:05 +0000 (Tue, 08 Sep 2015)");
script_version("2022-01-07T14:04:51+0000");
script_tag(name:"last_modification", value:"2022-01-07 14:04:51 +0000 (Fri, 07 Jan 2022)");
script_tag(name:"cvss_base", value:"3.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:N/I:N/A:P");
script_name("Amazon Linux: Security Advisory (ALAS-2012-92)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone Networks GmbH");
script_family("Amazon Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/amazon_linux", "ssh/login/release");
script_xref(name:"Advisory-ID", value:"ALAS-2012-92");
script_xref(name:"URL", value:"https://alas.aws.amazon.com/ALAS-2012-92.html");
script_tag(name:"summary", value:"The remote host is missing an update for the 'mysql51' package(s) announced via the ALAS-2012-92 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"A flaw was found in the way MySQL processed HANDLER READ NEXT statements after deleting a record. A remote, authenticated attacker could use this flaw to provide such requests, causing mysqld to crash. This issue only caused a temporary denial of service, as mysqld was automatically restarted after the crash. (CVE-2012-2102)");
script_tag(name:"affected", value:"'mysql51' package(s) on Amazon Linux.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "AMAZON") {
if(!isnull(res = isrpmvuln(pkg:"mysql51", rpm:"mysql51~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-bench", rpm:"mysql51-bench~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-common", rpm:"mysql51-common~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-debuginfo", rpm:"mysql51-debuginfo~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-devel", rpm:"mysql51-devel~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-embedded", rpm:"mysql51-embedded~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-embedded-devel", rpm:"mysql51-embedded-devel~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-libs", rpm:"mysql51-libs~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-server", rpm:"mysql51-server~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mysql51-test", rpm:"mysql51-test~5.1.61~4.54.amzn1", rls:"AMAZON"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
CentOS Update for mysql CESA-2012:0874 centos6
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-0874)
2015-10-06 00:00:00
CentOS Update for mysql CESA-2012:0874 centos6
2012-07-30 00:00:00
amazon
amazon
Low: mysql51
2012-07-05 13:59:00
cve
cve
CVE-2012-2102
2012-08-17 00:55:03
nessus
nessus
RHEL 6 : mysql (RHSA-2012:0874)
2012-06-20 00:00:00
Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20120620)
2012-08-01 00:00:00
Amazon Linux AMI : mysql51 (ALAS-2012-92)
2013-09-04 00:00:00
cvelist
cvelist
CVE-2012-2102
2012-08-17 00:00:00
centos
centos
mysql security update
2012-07-10 17:24:18
oraclelinux
oraclelinux
mysql security and enhancement update
2012-06-27 00:00:00
ubuntucve
ubuntucve
CVE-2012-2102
2012-08-17 00:00:00
redhat
redhat
(RHSA-2012:0874) Low: mysql security and enhancement update
2012-06-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:35
nvd
nvd
CVE-2012-2102
2012-08-17 00:55:03
prion
prion
Design/Logic Flaw
2012-08-17 00:55:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2013-08-29 00:00:00
5.5 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.029 Low
EPSS
Percentile
90.8%
Related for OPENVAS:1361412562310120297