Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310870990
HistoryMay 02, 2013 - 12:00 a.m.

RedHat Update for mysql RHSA-2013:0772-01

2013-05-0200:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
10

5.8 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.7%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.870990");
  script_version("2024-03-21T05:06:54+0000");
  script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
  script_tag(name:"creation_date", value:"2013-05-02 11:03:01 +0530 (Thu, 02 May 2013)");
  script_cve_id("CVE-2012-5614", "CVE-2013-1506", "CVE-2013-1521", "CVE-2013-1531",
                "CVE-2013-1532", "CVE-2013-1544", "CVE-2013-1548", "CVE-2013-1552",
                "CVE-2013-1555", "CVE-2013-2375", "CVE-2013-2378", "CVE-2013-2389",
                "CVE-2013-2391", "CVE-2013-2392");
  script_tag(name:"cvss_base", value:"6.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_name("RedHat Update for mysql RHSA-2013:0772-01");

  script_xref(name:"RHSA", value:"2013:0772-01");
  script_xref(name:"URL", value:"https://www.redhat.com/archives/rhsa-announce/2013-April/msg00037.html");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'mysql'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_6");
  script_tag(name:"affected", value:"mysql on Red Hat Enterprise Linux Desktop (v. 6),
  Red Hat Enterprise Linux Server (v. 6),
  Red Hat Enterprise Linux Workstation (v. 6)");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"insight", value:"MySQL is a multi-user, multi-threaded SQL database server. It consists of
  the MySQL server daemon (mysqld) and many client programs and libraries.

  This update fixes several vulnerabilities in the MySQL database server.
  Information about these flaws can be found on the Oracle Critical Patch
  Update Advisory page, listed in the References section. (CVE-2012-5614,
  CVE-2013-1506, CVE-2013-1521, CVE-2013-1531, CVE-2013-1532, CVE-2013-1544,
  CVE-2013-1548, CVE-2013-1552, CVE-2013-1555, CVE-2013-2375, CVE-2013-2378,
  CVE-2013-2389, CVE-2013-2391, CVE-2013-2392)

  These updated packages upgrade MySQL to version 5.1.69. Refer to the MySQL
  release notes listed in the References section for a full list of changes.

  All MySQL users should upgrade to these updated packages, which correct
  these issues. After installing this update, the MySQL server daemon
  (mysqld) will be restarted automatically.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "RHENT_6")
{

  if ((res = isrpmvuln(pkg:"mysql", rpm:"mysql~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-bench", rpm:"mysql-bench~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-debuginfo", rpm:"mysql-debuginfo~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-devel", rpm:"mysql-devel~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-libs", rpm:"mysql-libs~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-server", rpm:"mysql-server~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"mysql-test", rpm:"mysql-test~5.1.69~1.el6_4", rls:"RHENT_6")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

veracode 15
openvas 24
nessus 25
oraclelinux 1
amazon 2
redhat 1
centos 1
debian 1
ubuntu 2
mariadbunix 13
cve 14
packetstorm 1
ubuntucve 14
prion 14
gentoo 1
thn 1
securityvulns 2
oracle 1
threatpost 1
veracode
veracode
Improper Access Control
2019-05-02 04:44:49
Improper Access Control
2019-05-02 04:44:49
Improper Access Control
2019-05-02 04:44:49
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-187)
2015-09-08 00:00:00
RedHat Update for mysql RHSA-2013:0772-01
2013-05-02 00:00:00
CentOS Update for mysql CESA-2013:0772 centos6
2013-05-02 00:00:00
nessus
nessus
Amazon Linux AMI : mysql55 (ALAS-2013-187)
2013-09-04 00:00:00
Amazon Linux AMI : mysql51 (ALAS-2013-186)
2013-09-04 00:00:00
Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20130425)
2013-04-26 00:00:00
oraclelinux
oraclelinux
mysql security update
2013-04-25 00:00:00
amazon
amazon
Important: mysql55
2013-04-25 20:40:00
Important: mysql51
2013-04-25 20:40:00
redhat
redhat
(RHSA-2013:0772) Important: mysql security update
2013-04-25 00:00:00
centos
centos
mysql security update
2013-04-25 20:16:01
debian
debian
[SECURITY] [DSA 2667-1] mysql-5.5 security update
2013-05-12 19:35:40
ubuntu
ubuntu
MySQL vulnerabilities
2013-04-25 00:00:00
MySQL vulnerabilities
2013-04-25 00:00:00
mariadbunix
mariadbunix
CVE-2012-5614
2012-12-03 12:49:00
CVE-2013-1506
2013-04-17 12:14:00
CVE-2013-2378
2013-04-17 17:55:00
cve
cve
CVE-2012-5614
2012-12-03 12:49:00
CVE-2013-2391
2013-04-17 17:55:00
CVE-2013-1506
2013-04-17 12:14:00
packetstorm
packetstorm
Oracle MySQL 5.5.19-log Denial Of Service
2012-12-03 00:00:00
ubuntucve
ubuntucve
CVE-2013-1506
2013-04-17 00:00:00
CVE-2012-5614
2012-12-03 00:00:00
CVE-2013-2391
2013-04-17 00:00:00
prion
prion
Design/Logic Flaw
2013-04-17 12:14:00
Command injection
2012-12-03 12:49:00
Design/Logic Flaw
2013-04-17 17:55:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2013-08-29 00:00:00
thn
thn
Multiple MySQL database Zero-day vulnerabilities published
2012-12-03 13:54:00
securityvulns
securityvulns
MySQL multiple security vulnerabilities
2012-12-07 00:00:00
Oracle / Sun / MySQL / PeopleSoft multiple applications security vulnerabilities
2013-05-04 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2013
2013-04-16 00:00:00
threatpost
threatpost
Experts Downplay MySQL Database Zero-Days
2012-12-03 19:31:06

5.8 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.7%

JSON
Related for OPENVAS:1361412562310870990
veracode15openvas24nessus25oraclelinux1amazon2redhat1centos1debian1ubuntu2mariadbunix13cve14packetstorm1ubuntucve14prion14gentoo1thn1securityvulns2oracle1threatpost1