MiracleLinux 4 : rh-mysql57-mysql-5.7.19-6.AXS4 (AXSA:2017-2329:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2329:01 advisory. An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote...

MiracleLinux 4 : rh-mariadb101-galera-25.3.12-12.AXS4, rh-mariadb101-mariadb-10.1.29-3.AXS4 (AXSA:2018-2644:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2644:01 advisory. mysql: insecure error log file handling in mysqldsafe CPU Oct 2016 CVE-2016-5617, CVE-2016-6664 mysql: Server: Optimizer unspecified vulnerability C...

MiracleLinux 4 : rh-mariadb100-mariadb-10.0.33-3.AXS4 (AXSA:2018-2584:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2584:01 advisory. A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalat...

SUSE CVE-2016-6664

mysqldsafe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when...

CVE-2017-3291

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

Privilege Escalation

mysqldsafe is vulnerable to privilege escalation attacks. The flaw was found in the way the mysqldsafe script handled creation of error log file. A local authenticated user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 fix (CPU Jan 2017)

Multiple flaws were found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use these flaws to escalate their privileges to root...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016)

A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...

MGASA-2017-0054 Updated mariadb packages fix security vulnerability

Root Privilege Escalation CVE-2016-6664. Unspecified vulnerability affecting the Optimizer component CVE-2017-3238. Unspecified vulnerability affecting the Charsets component CVE-2017-3243. Unspecified vulnerability affecing the DML component CVE-2017-3244. Unspecified vulnerability affecting...

SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:0411-1)

This mariadb version update to 10.0.29 fixes the following issues : - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...

SUSE-SU-2017:0411-1 Security update for mariadb

This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...

Oracle MySQL 5.7.x < 5.7.17 Multiple Vulnerabilities

Binary data 9846.prm...

MySQL 5.5.x < 5.5.54 Multiple Vulnerabilities (January 2017 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.54. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Optimizer subcomponent that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3238 - An...