Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-75-1
HistoryOct 22, 2014 - 12:00 a.m.

mysql-5.1 - security update

2014-10-2200:00:00
Google
osv.dev
5

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

This update fixes one important vulnerability (CVE-2014-4274) and batches
together two other minor fixes (CVE-2013-2162, CVE-2014-0001).

  • CVE-2014-4274
    Insecure handling of a temporary file that could lead to execution
    of arbitrary code through the creation of a mysql configuration file
    pointing to an attacker-controlled plugin_dir.
  • CVE-2013-2162
    Insecure creation of the debian.cnf credential file. Credentials could
    be stolen by a local user monitoring that file while the package gets
    installed.
  • CVE-2014-0001
    Buffer overrun in the MySQL client when the server sends a version
    string that is too big for the allocated buffer.

For Debian 6 Squeeze, these issues have been fixed in mysql-5.1 version 5.1.73-1+deb6u1

Related

debian 7
openvas 56
nessus 43
prion 3
mariadbunix 1
ubuntucve 3
cve 3
mageia 1
veracode 8
osv 3
slackware 1
checkpoint_advisories 1
ubuntu 3
oraclelinux 4
redhat 10
amazon 1
centos 6
fedora 9
f5 2
suse 3
gentoo 1
oracle 2
securityvulns 1
debian
debian
[SECURITY] [DLA 75-1] mysql-5.1 security update
2014-10-22 06:46:31
[SECURITY] [DSA 2919-1] mysql-5.5 security update
2014-05-03 08:06:27
[SECURITY] [DSA 2919-1] mysql-5.5 security update
2014-05-03 08:06:27
openvas
openvas
Debian: Security Advisory (DLA-75-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0377)
2022-01-28 00:00:00
MariaDB Client Version Handling Remote Buffer Overflow Vulnerability - Windows
2014-02-03 00:00:00
nessus
nessus
Debian DLA-75-1 : mysql-5.1 security update
2015-03-26 00:00:00
MySQL debian.cnf Plaintext Credential Disclosure
2014-01-08 00:00:00
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : mariadb, mysql (SSA:2014-050-02)
2014-02-20 00:00:00
prion
prion
Design/Logic Flaw
2014-10-15 15:55:00
Race condition
2013-08-19 13:07:00
Buffer overflow
2014-01-31 23:55:00
mariadbunix
mariadbunix
CVE-2014-4274
2014-10-15 15:55:00
ubuntucve
ubuntucve
CVE-2014-4274
2014-09-10 00:00:00
CVE-2013-2162
2013-06-10 00:00:00
CVE-2014-0001
2014-01-31 00:00:00
cve
cve
CVE-2014-4274
2014-10-15 15:55:00
CVE-2013-2162
2013-08-19 13:07:00
CVE-2014-0001
2014-01-31 23:55:00
mageia
mageia
Updated mariadb packages fix CVE-2014-4274
2014-09-15 14:36:30
veracode
veracode
Privilege Escalation
2019-05-02 05:04:50
Denial Of Service (DoS)
2019-05-02 04:56:40
Denial Of Service (DoS)
2019-05-02 04:56:40
osv
osv
mysql-5.5 - several
2013-12-16 00:00:00
mysql-5.5 - security update
2014-05-03 00:00:00
mysql-5.5 - security update
2014-10-20 00:00:00
slackware
slackware
mariadb, mysql
2014-02-19 20:24:35
checkpoint_advisories
checkpoint_advisories
Oracle MySQL Client Heap Buffer Overflow (CVE-2014-0001)
2014-03-16 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2013-07-25 00:00:00
MySQL vulnerabilities
2014-04-23 00:00:00
MySQL vulnerabilities
2014-10-15 00:00:00
oraclelinux
oraclelinux
mysql security and bug fix update
2014-02-12 00:00:00
mysql55-mysql security update
2014-02-18 00:00:00
mysql55-mysql security update
2014-11-17 00:00:00
redhat
redhat
(RHSA-2014:0164) Moderate: mysql security and bug fix update
2014-02-12 00:00:00
(RHSA-2014:0189) Moderate: mariadb55-mariadb security update
2014-02-19 00:00:00
(RHSA-2014:0173) Moderate: mysql55-mysql security update
2014-02-13 00:00:00
amazon
amazon
Medium: mysql51
2014-03-06 14:56:00
centos
centos
mysql security update
2014-02-12 19:48:34
mysql55 security update
2014-02-19 17:28:37
mariadb55 security update
2014-02-26 15:32:19
fedora
fedora
[SECURITY] Fedora 20 Update: community-mysql-5.5.37-1.fc20
2014-04-29 05:25:43
[SECURITY] Fedora 19 Update: community-mysql-5.5.37-1.fc19
2014-04-29 05:28:52
[SECURITY] Fedora 20 Update: mariadb-galera-5.5.40-2.fc20
2014-12-03 01:02:24
f5
f5
SOL15725 - Multiple 5.5.x and 5.6.x MySQL vulnerabilities
2014-10-23 00:00:00
K15725 : Multiple 5.5.x and 5.6.x MySQL vulnerabilities
2014-10-23 00:00:00
suse
suse
Security update for MySQL (important)
2015-03-28 01:04:56
Security update for MySQL (important)
2014-06-07 00:04:26
Security update for mariadb (important)
2015-04-21 19:05:04
gentoo
gentoo
MySQL: Multiple vulnerabilities
2014-09-04 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2014
2014-04-15 00:00:00
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2014-11-03 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DLA-75-1
debian7openvas56nessus43prion3mariadbunix1ubuntucve3cve3mageia1veracode8osv3slackware1checkpoint_advisories1ubuntu3oraclelinux4redhat10amazon1centos6fedora9f52suse3gentoo1oracle2securityvulns1