Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310842616
HistoryJan 27, 2016 - 12:00 a.m.

Ubuntu: Security Advisory (USN-2881-1)

2016-01-2700:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
17

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.842616");
  script_cve_id("CVE-2016-0503", "CVE-2016-0504", "CVE-2016-0505", "CVE-2016-0546", "CVE-2016-0595", "CVE-2016-0596", "CVE-2016-0597", "CVE-2016-0598", "CVE-2016-0600", "CVE-2016-0606", "CVE-2016-0607", "CVE-2016-0608", "CVE-2016-0609", "CVE-2016-0610", "CVE-2016-0611", "CVE-2016-0616");
  script_tag(name:"creation_date", value:"2016-01-27 04:12:51 +0000 (Wed, 27 Jan 2016)");
  script_version("2024-02-02T05:06:05+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");

  script_name("Ubuntu: Security Advisory (USN-2881-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(12\.04\ LTS|14\.04\ LTS|15\.04|15\.10)");

  script_xref(name:"Advisory-ID", value:"USN-2881-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-2881-1");
  script_xref(name:"URL", value:"http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html");
  script_xref(name:"URL", value:"http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html");
  script_xref(name:"URL", value:"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'mysql-5.5, mysql-5.6' package(s) announced via the USN-2881-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.47 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.28.

In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.

Please see the following for more information:
[link moved to references]
[link moved to references]
[link moved to references]");

  script_tag(name:"affected", value:"'mysql-5.5, mysql-5.6' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 15.04, Ubuntu 15.10.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU12.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"mysql-server-5.5", ver:"5.5.47-0ubuntu0.12.04.1", rls:"UBUNTU12.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU14.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"mysql-server-5.5", ver:"5.5.47-0ubuntu0.14.04.1", rls:"UBUNTU14.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU15.04") {

  if(!isnull(res = isdpkgvuln(pkg:"mysql-server-5.6", ver:"5.6.28-0ubuntu0.15.04.1", rls:"UBUNTU15.04"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU15.10") {

  if(!isnull(res = isdpkgvuln(pkg:"mysql-server-5.6", ver:"5.6.28-0ubuntu0.15.10.1", rls:"UBUNTU15.10"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

nessus 34
ibm 1
openvas 34
kaspersky 1
f5 2
fedora 4
ubuntucve 16
cvelist 16
prion 16
oraclelinux 1
redhat 6
centos 1
amazon 2
mariadbunix 11
cve 16
veracode 16
oracle 1
nessus
nessus
Oracle MySQL 5.6.x < 5.6.28 Multiple Vulnerabilities
2016-04-15 00:00:00
Oracle MySQL 5.6.x < 5.6.28 Multiple Vulnerabilities (January 2016 CPU)
2016-01-26 00:00:00
MySQL 5.6.x < 5.6.28 Multiple Vulnerabilities
2015-12-16 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by OpenSource Oracle MySQL Vulnerability (multiple CVEs)
2018-06-16 21:40:13
openvas
openvas
Debian Security Advisory DSA 3459-1 (mysql-5.5 - security update)
2016-01-28 00:00:00
Debian: Security Advisory (DLA-409-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3459-1)
2016-01-27 00:00:00
kaspersky
kaspersky
KLA10749 Multiple vulnerabilities in MariaDB
2016-01-27 00:00:00
f5
f5
K77508618 : Multiple Oracle MySQL vulnerabilities
2017-05-06 00:00:00
K85298305 : Multiple MySQL vulnerabilities
2017-05-08 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: mariadb-10.0.23-1.fc23
2016-02-21 16:34:44
[SECURITY] Fedora 22 Update: mariadb-10.0.23-1.fc22
2016-03-05 22:51:47
[SECURITY] Fedora 23 Update: community-mysql-5.6.29-1.fc23
2016-03-09 20:22:00
ubuntucve
ubuntucve
CVE-2016-0504
2016-01-20 00:00:00
CVE-2016-0503
2016-01-20 00:00:00
CVE-2016-0546
2016-01-20 00:00:00
cvelist
cvelist
CVE-2016-0504
2016-01-21 02:00:00
CVE-2016-0503
2016-01-21 02:00:00
CVE-2016-0611
2016-01-21 02:00:00
prion
prion
Design/Logic Flaw
2016-01-21 03:00:00
Design/Logic Flaw
2016-01-21 03:00:00
Design/Logic Flaw
2016-01-21 03:02:00
oraclelinux
oraclelinux
mariadb security and bug fix update
2016-03-31 00:00:00
redhat
redhat
(RHSA-2016:22610) Moderate: mariadb security and bug fix update
2016-02-03 05:00:00
(RHSA-2016:0534) Moderate: mariadb security and bug fix update
2016-03-31 14:15:24
(RHSA-2016:0705) Critical: rh-mysql56-mysql security update
2016-05-02 12:15:44
centos
centos
mariadb security update
2016-03-31 20:53:35
amazon
amazon
Important: mysql56
2016-04-06 14:40:00
Important: mysql55
2016-08-17 13:30:00
mariadbunix
mariadbunix
CVE-2016-0546
2016-01-21 03:01:00
CVE-2016-0610
2016-01-21 03:02:00
CVE-2016-0596
2016-01-21 03:02:00
cve
cve
CVE-2016-0546
2016-01-21 03:01:33
CVE-2016-0595
2016-01-21 03:02:23
CVE-2016-0504
2016-01-21 03:00:52
veracode
veracode
Memory Corruption
2019-05-02 05:29:18
Denial Of Service (DoS)
2019-05-02 05:29:18
Denial Of Service (DoS)
2019-05-02 05:29:18
oracle
oracle
Oracle Critical Patch Update - January 2016
2016-01-19 00:00:00

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON
Related for OPENVAS:1361412562310842616
nessus34ibm1openvas34kaspersky1f52fedora4ubuntucve16cvelist16prion16oraclelinux1redhat6centos1amazon2mariadbunix11cve16veracode16oracle1