176 matches found
SUSE-SU-2018:1450-1 Security update for perl-DBD-mysql
This update for perl-DBD-mysql fixes the following issues: - CVE-2017-10789: The DBD::mysql module when with mysqlssl=1 setting enabled, means that SSL is optional even though this setting's documentation has a 'your communication with the server will be encrypted' statement, which could lead...
Fedora 27 : perl-DBD-MySQL (2017-874bd165c0)
Security fix for CVE-2017-10789 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
MGASA-2018-0031 Updated perl-DBD-mysql packages fix security vulnerability
Pali Rohar discovered that DBD::mysql constructed an error message in a fixed-length buffer, leading to a crash FORTIFYSOURCE failure and, potentially, to denial of service CVE-2016-1246. A vulnerability was discovered in perl-DBD-MySQL that can lead to an out-of-bounds read when using server sid...
Updated perl-DBD-mysql packages fix security vulnerability
Pali Rohar discovered that DBD::mysql constructed an error message in a fixed-length buffer, leading to a crash FORTIFYSOURCE failure and, potentially, to denial of service CVE-2016-1246. A vulnerability was discovered in perl-DBD-MySQL that can lead to an out-of-bounds read when using server sid...
Fedora Update for perl-DBD-MySQL FEDORA-2017-874bd165c0
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 27 Update: perl-DBD-MySQL-4.043-6.fc27
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming langua ge and the MySQL programming API that comes with the MySQL relational database management system...
Fedora 26 : perl-DBD-MySQL (2017-42e41e9d25)
Updated to the latest version; Security fix for CVE-2017-10788 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 25 : perl-DBD-MySQL (2017-486371ff24)
Updated to the latest version; Security fix for CVE-2017-10788 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora Update for perl-DBD-MySQL FEDORA-2017-486371ff24
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 25 Update: perl-DBD-MySQL-4.043-1.fc25
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming langua ge and the MySQL programming API that comes with the MySQL relational database management system...
[SECURITY] Fedora 26 Update: perl-DBD-MySQL-4.043-1.fc26
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming langua ge and the MySQL programming API that comes with the MySQL relational database management system...
CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
CVE-2017-10788
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...
Perl DBD::mysql Module Man-in-the-Middle Security Bypass Vulnerability Vulnerability
Perl is a programming language.DBD::mysql is a Perl5 Database Interface DBI driver module for one of the MySQL... A security vulnerability exists in the Perl DBD::mysql module version 4.043 and earlier. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack and impersona...
CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
CVE-2017-10788
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...
CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
CVE-2017-10788
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...
Sql injection
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...