The remote host is missing an update for the Debian 'mysql-5.5' package(s) announced via the DSA-3834-1 advisory
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
OpenVAS | Debian: Security Advisory (DLA-916-1) | 16 Jan 201800:00 | – | openvas |
OpenVAS | Debian Security Advisory DSA 3834-1 (mysql-5.5 - security update) | 25 Apr 201700:00 | – | openvas |
OpenVAS | Oracle Mysql Security Updates (apr2017-3236618) 02 - Windows | 19 Apr 201700:00 | – | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2017:1137-1) | 9 Jun 202100:00 | – | openvas |
OpenVAS | Oracle Mysql Security Updates (apr2017-3236618) 02 - Linux | 19 Apr 201700:00 | – | openvas |
OpenVAS | openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2017:1209-1) | 9 May 201700:00 | – | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2017:2035-1) | 19 Apr 202100:00 | – | openvas |
OpenVAS | openSUSE: Security Advisory for mariadb (openSUSE-SU-2017:2119-1) | 10 Aug 201700:00 | – | openvas |
OpenVAS | Slackware: Security Advisory (SSA:2017-195-01) | 21 Apr 202200:00 | – | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2017:2034-1) | 19 Apr 202100:00 | – | openvas |
# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.703834");
script_cve_id("CVE-2017-3302", "CVE-2017-3305", "CVE-2017-3308", "CVE-2017-3309", "CVE-2017-3329", "CVE-2017-3453", "CVE-2017-3456", "CVE-2017-3461", "CVE-2017-3462", "CVE-2017-3463", "CVE-2017-3464", "CVE-2017-3600");
script_tag(name:"creation_date", value:"2017-04-24 22:00:00 +0000 (Mon, 24 Apr 2017)");
script_version("2024-02-02T05:06:06+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:06 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"6.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:C/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2017-05-04 13:06:46 +0000 (Thu, 04 May 2017)");
script_name("Debian: Security Advisory (DSA-3834-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2017 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB8");
script_xref(name:"Advisory-ID", value:"DSA-3834-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2017/DSA-3834-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-3834");
script_xref(name:"URL", value:"https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-55.html");
script_xref(name:"URL", value:"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'mysql-5.5' package(s) announced via the DSA-3834-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:
[link moved to references]
[link moved to references]
For the stable distribution (jessie), these problems have been fixed in version 5.5.55-0+deb8u1.
We recommend that you upgrade your mysql-5.5 packages.");
script_tag(name:"affected", value:"'mysql-5.5' package(s) on Debian 8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB8") {
if(!isnull(res = isdpkgvuln(pkg:"libmysqlclient-dev", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmysqlclient18", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmysqld-dev", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libmysqld-pic", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-client", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-client-5.5", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-common", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-server", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-server-5.5", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-server-core-5.5", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-source-5.5", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-testsuite", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"mysql-testsuite-5.5", ver:"5.5.55-0+deb8u1", rls:"DEB8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo