RHEL 5 : perl-dbd-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-DBD-MySQL: Use-after-free when calling mysqlstmterror after mysqlstmtclose CVE-2017-10788 - Buffer...

EulerOS 2.0 SP3 : perl-DBD-MySQL (EulerOS-SA-2021-1828)

According to the versions of the perl-DBD-MySQL package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of...

EulerOS Virtualization 3.0.2.6 : perl-DBD-MySQL (EulerOS-SA-2021-1447)

According to the versions of the perl-DBD-MySQL package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of...

Updated perl-DBD-mysql packages fix security vulnerabilities

Updated perl-DBD-mysql package fixes security vulnerabilities: The DBD::mysql Perl module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering certain error responses from a MySQL...

Buffer overflow

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C aka libmysqlclient before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack...

CVE-2015-8838

ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152...