Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2018 Greenbone Networks GmbHOPENVAS:1361412562310814261
HistoryOct 17, 2018 - 12:00 a.m.

Oracle Mysql Security Update (cpuoct2018 - 03) - Linux

2018-10-1700:00:00
Copyright (C) 2018 Greenbone Networks GmbH
plugins.openvas.org
16

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

Oracle MySQL is prone to multiple vulnerabilities.

# Copyright (C) 2018 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

CPE = "cpe:/a:oracle:mysql";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.814261");
  script_version("2023-11-03T16:10:08+0000");
  script_cve_id("CVE-2018-3186", "CVE-2018-3195", "CVE-2018-3170", "CVE-2018-3279",
                "CVE-2018-3137", "CVE-2018-3286", "CVE-2018-3285", "CVE-2018-3280",
                "CVE-2018-3182", "CVE-2018-3203", "CVE-2018-3145", "CVE-2018-3212");
  script_tag(name:"cvss_base", value:"5.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:P/A:P");
  script_tag(name:"last_modification", value:"2023-11-03 16:10:08 +0000 (Fri, 03 Nov 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-05-31 13:24:00 +0000 (Wed, 31 May 2023)");
  script_tag(name:"creation_date", value:"2018-10-17 11:12:23 +0530 (Wed, 17 Oct 2018)");
  script_name("Oracle Mysql Security Update (cpuoct2018 - 03) - Linux");

  script_tag(name:"summary", value:"Oracle MySQL is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
  on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist due to:

  - An unspecified error within 'Server: DML' component of MySQL Server.

  - Multiple unspecified errors within 'Server: Optimizer' component of MySQL
    Server.

  - An unspecified error within 'Server: Parser' component of MySQL Server.

  - Multiple unspecified errors within 'Server: DDL' component of MySQL Server.

  - An unspecified error within 'Server: Information Schema' component of MySQL
    Server.

  - An unspecified error within 'Server: JSON' component of MySQL Server.

  - An unspecified error within 'Server: Security: Roles' component of MySQL Server.

  - An unspecified error within 'Server: Windows' component of MySQL Server.

  - An unspecified error within 'Server: Security: Privileges' component of MySQL
    Server.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to have an impact on integrity and availability.");

  script_tag(name:"affected", value:"Oracle MySQL version 8.x through 8.0.12.");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for
  more information.");
  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");
  script_xref(name:"URL", value:"https://www.oracle.com/security-alerts/cpuoct2018.html#AppendixMSQL");
  script_xref(name:"Advisory-ID", value:"cpuoct2018");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
  script_family("Databases");
  script_dependencies("mysql_version.nasl", "os_detection.nasl");
  script_mandatory_keys("MySQL/installed", "Host/runs_unixoide");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!port = get_app_port(cpe:CPE))
  exit(0);

if(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_in_range(version:vers, test_version:"8.0", test_version2:"8.0.12")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"See reference", install_path:path);
  security_message(data:report, port:port);
  exit(0);
}

exit(99);

Related

openvas 6
nessus 4
fedora 5
freebsd 1
ibm 1
prion 12
ubuntucve 12
cve 12
cvelist 12
f5 7
redhatcve 12
osv 12
photon 4
oracle 1
openvas
openvas
Oracle Mysql Security Update (cpuoct2018 - 03) - Windows
2018-10-17 00:00:00
Fedora Update for community-mysql FEDORA-2018-c82fc3e109
2019-05-07 00:00:00
Fedora Update for community-mysql FEDORA-2019-614f1cd5a8
2019-05-07 00:00:00
nessus
nessus
Fedora 29 : community-mysql (2018-c82fc3e109)
2019-01-03 00:00:00
MySQL 8.0.x < 8.0.13 Multiple Vulnerabilities (Oct 2018 CPU) (Jul 2019 CPU)
2018-10-19 00:00:00
FreeBSD : MySQL -- multiple vulnerabilities (ec5072b0-d43a-11e8-a6d2-b499baebfeaf)
2018-10-22 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: community-mysql-8.0.13-1.fc29
2018-11-10 03:21:10
[SECURITY] Fedora 29 Update: community-mysql-8.0.15-1.fc29
2019-02-28 20:28:46
[SECURITY] Fedora 29 Update: community-mysql-8.0.16-1.fc29
2019-05-29 02:59:34
freebsd
freebsd
MySQL -- multiple vulnerabilities
2018-10-16 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a publicly disclosed vulnerability from Oracle MySQL
2019-03-06 20:10:01
prion
prion
Code injection
2018-10-17 01:31:00
Code injection
2018-10-17 01:31:00
Code injection
2018-10-17 01:31:00
ubuntucve
ubuntucve
CVE-2018-3203
2018-10-17 00:00:00
CVE-2018-3285
2018-10-17 00:00:00
CVE-2018-3280
2018-10-17 00:00:00
cve
cve
CVE-2018-3203
2018-10-17 01:31:00
CVE-2018-3285
2018-10-17 01:31:00
CVE-2018-3280
2018-10-17 01:31:00
cvelist
cvelist
CVE-2018-3203
2018-10-17 01:00:00
CVE-2018-3285
2018-10-17 01:00:00
CVE-2018-3279
2018-10-17 01:00:00
f5
f5
K04320238 : MySQL vulnerabilities CVE-2018-3276, CVE-2018-3277, CVE-2018-3278, CVE-2018-3279, and CVE-2018-3280
2018-11-16 00:00:00
K50148721 : MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286
2018-11-16 00:00:00
K63470526 : MySQL vulnerabilities CVE-2018-3203, CVE-2018-3212, CVE-2018-3247, CVE-2018-3251, and CVE-2018-3258
2018-11-16 00:00:00
redhatcve
redhatcve
CVE-2018-3203
2018-10-17 21:00:51
CVE-2018-3286
2020-01-10 09:25:52
CVE-2018-3285
2020-01-08 21:24:18
osv
osv
CVE-2018-3285
2018-10-17 01:31:29
CVE-2018-3203
2018-10-17 01:31:22
CVE-2018-3280
2018-10-17 01:31:29
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0152
2019-04-23 00:00:00
Critical Photon OS Security Update - PHSA-2019-0152
2019-04-23 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0212
2019-03-05 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2018
2018-12-18 00:00:00

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON
Related for OPENVAS:1361412562310814261
openvas6nessus4fedora5freebsd1ibm1prion12ubuntucve12cve12cvelist12f57redhatcve12osv12photon4oracle1