Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2018-1242) - Vulnerability in MySQL Server allowing unauthorized data acces
Reporter | Title | Published | Views | Family All 125 |
---|---|---|---|---|
![]() | CVE-2018-2562 | 18 Jan 201802:29 | – | osv |
![]() | mysql-5.5 - security update | 19 Jan 201800:00 | – | osv |
![]() | mysql-5.5 - security update | 18 Jan 201800:00 | – | osv |
![]() | Red Hat Security Advisory: rh-mysql56-mysql security update | 13 Sep 202415:07 | – | osv |
![]() | mariadb-10.0 - security update | 29 Jun 201800:00 | – | osv |
![]() | Red Hat Security Advisory: rh-mysql57-mysql security update | 13 Sep 202415:07 | – | osv |
![]() | Red Hat Security Advisory: mariadb security and bug fix update | 16 Sep 202401:21 | – | osv |
![]() | mariadb-10.1 - security update | 19 Nov 201800:00 | – | osv |
![]() | Red Hat Security Advisory: rh-mariadb102-mariadb and rh-mariadb102-galera security and bug fix update | 13 Sep 202418:08 | – | osv |
![]() | libmariadbd-devel-10.6.4-2.1 on GA media | 15 Jun 202400:00 | – | osv |
Source | Link |
---|---|
developer | www.developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html |
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2018.1242");
script_cve_id("CVE-2018-2562");
script_tag(name:"creation_date", value:"2020-01-23 11:18:34 +0000 (Thu, 23 Jan 2020)");
script_version("2024-02-05T14:36:56+0000");
script_tag(name:"last_modification", value:"2024-02-05 14:36:56 +0000 (Mon, 05 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:P/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-01-19 18:22:10 +0000 (Fri, 19 Jan 2018)");
script_name("Huawei EulerOS: Security Advisory for mariadb (EulerOS-SA-2018-1242)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROSVIRT\-2\.5\.0");
script_xref(name:"Advisory-ID", value:"EulerOS-SA-2018-1242");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2018-1242");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'mariadb' package(s) announced via the EulerOS-SA-2018-1242 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.(CVE-2018-2562)");
script_tag(name:"affected", value:"'mariadb' package(s) on Huawei EulerOS Virtualization 2.5.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROSVIRT-2.5.0") {
if(!isnull(res = isrpmvuln(pkg:"mariadb", rpm:"mariadb~5.5.56~2.h2", rls:"EULEROSVIRT-2.5.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mariadb-libs", rpm:"mariadb-libs~5.5.56~2.h2", rls:"EULEROSVIRT-2.5.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mariadb-server", rpm:"mariadb-server~5.5.56~2.h2", rls:"EULEROSVIRT-2.5.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo