SA106 : MySQL Vulnerabilities October 2015

SUMMARY

Blue Coat products using affected versions of MySQL 5.5 and 5.6 are susceptible to multiple vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary code and gain unauthorized read, insert, update, or delete access to subsets of MySQL Server accessible data. The attacker can also cause denial of service through application crashes.

AFFECTED PRODUCTS

Malware Analysis Appliance

CVE |Affected Version(s)|Remediation
CVE-2015-4792, CVE-2015-4800,
CVE-2015-4802, CVE-2015-4815,
CVE-2015-4816, CVE-2015-4819,
CVE-2015-4826, CVE-2015-4830,
CVE-2015-4836, CVE-2015-4858,
CVE-2015-4861, CVE-2015-4864,
CVE-2015-4870, CVE-2015-4879,
CVE-2015-4913 | 4.2 | Upgrade to 4.2.8.

ADDITIONAL PRODUCT INFORMATION

DLP
Please, contact Digital Guardian technical support regarding vulnerability information for DLP.

The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
AuthConnector
BCAAA
Blue Coat HSM Agent for the Luna SP
CacheFlow
Client Connector
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
Content Analysis System
Director
General Auth Connector Login Application
IntelligenceCenter
IntelligenceCenter Data Collector
K9
Mail Threat Defense
Management Center
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
PacketShaper
PacketShaper S-Series
PolicyCenter
PolicyCenter S-Series
ProxyClient
ProxyAV
ProxyAV ConLog and ConLogXP
ProxySG
Reporter
Security Analytics
SSL Visibility
Unified Agent
X-Series XOS

ISSUES

CVE-2015-4730

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77199 / NVD: CVE-2015-4730 Impact| Denial of service Description | A flaw in the Server: Types sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4766

Severity / CVSSv2 | Low / 1.9 (AV:L/AC:M/Au:N/C:N/I:N/A:P) References| SecurityFocus: BID 77232 / NVD: CVE-2015-4766 Impact| Denial of service Description | A flaw in the Server: Security: Firewall sub-component allows a local attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4791

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77213 / NVD: CVE-2015-4791 Impact| Denial of service Description | A flaw in the Server: Security: Privileges sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4792

Severity / CVSSv2 | Low / 1.7 (AV:N/AC:H/Au:M/C:N/I:N/A:P) References| SecurityFocus: BID 77171 / NVD: CVE-2015-4792 Impact| Denial of service Description | A flaw in the Server: Partition sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4800

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77216 / NVD: CVE-2015-4800 Impact| Denial of service Description | A flaw in the Server: Optimizer sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4802

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77165 / NVD: CVE-2015-4802 Impact| Denial of service Description | A flaw in the Server: Partition sub-component allows a remote authenticated attacker to cause the server application to hang to repeatedly crash, resulting in denial of service.

CVE-2015-4807

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77205 / NVD: CVE-2015-4807 Impact| Denial of service Description | A flaw in the Server: Query Cache sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4815

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77222 / NVD: CVE-2015-4815 Impact| Denial of service Description | A flaw in the Server: DDL sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4816

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77134 / NVD: CVE-2015-4816 Impact| Denial of service Description | A flaw in the Server: InnoDB sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4819

Severity / CVSSv2 | High / 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) References| SecurityFocus: BID 77196 / NVD: CVE-2015-4819 Impact| Code execution Description | A flaw in the Client programs sub-component allows a local attacker to execute arbitrary code.

CVE-2015-4826

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) References| SecurityFocus: BID 77237 / NVD: CVE-2015-4826 Impact| Information disclosure Description | A flaw in the Server: Types sub-component allows a remote authenticated attacker to gain unauthorized read access to a subset of data.

CVE-2015-4830

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N) References| SecurityFocus: BID 77228 / NVD: CVE-2015-4830 Impact| Unauthorized modification of data Description | A flaw in the Server: Security: Privileges sub-component allows a remote authenticated attacker to gain unauthorized update, insert, or delete access to a subset of data.

CVE-2015-4833

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77170 / NVD: CVE-2015-4833 Impact| Denial of service Description | A flaw in the Server: Partition sub-component allows a remote authenticated attacker to cause the server application to hang to repeatedly crash, resulting in denial of service.

CVE-2015-4836

Severity / CVSSv2 | Low / 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P) References| SecurityFocus: BID 77190 / NVD: CVE-2015-4836 Impact| Denial of service Description | A flaw in the Server: SP sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4858

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77145 / NVD: CVE-2015-4858 Impact| Denial of service Description | A flaw in the Server: DML sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4861

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77137 / NVD: CVE-2015-4861 Impact| Denial of service Description | A flaw in the Server: InnoDB sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4862

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77147 / NVD: CVE-2015-4862 Impact| Denial of service Description | A flaw in the Server: DML sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4864

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N) References| SecurityFocus: BID 77187 / NVD: CVE-2015-4864 Impact| Unauthorized modification of data Description | A flaw in the Server: Security:Privileges sub-component allows a remote authenticated attacker to gain unauthorized update, insert, or delete access to a subset of data.

CVE-2015-4866

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77132 / NVD: CVE-2015-4866 Impact| Denial of service Description | A flaw in the Server: InnoDB sub-component allows a remote authenticated attacker to cause the server to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4870

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77208 / NVD: CVE-2015-4870 Impact| Denial of service Description | A flaw in the Server: Parser sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4879

Severity / CVSSv2 | Medium / 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) References| SecurityFocus: BID 77140 / NVD: CVE-2015-4879 Impact| Code execution Description | A flaw in the Server: DML sub-component allows a remote authenticated attacker to take over MySQL Server and possibly execute arbitrary code.

CVE-2015-4890

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77231 / NVD: CVE-2015-4890 Impact| Denial of service Description | A flaw in the Server: Replication sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4895

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77136 / NVD: CVE-2015-4895 Impact| Denial of service Description | A flaw in the Server: InnoDB sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4904

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77219 / NVD: CVE-2015-4904 Impact| Denial of service Description | A flaw in the libmysqld sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4905

Severity / CVSSv2 | Medium / 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77143 / NVD: CVE-2015-4905 Impact| Denial of service Description | A flaw in the Server: DML sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4910

Severity / CVSSv2 | Low / 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77234 / NVD: CVE-2015-4910 Impact| Denial of service Description | A flaw in the Server: Memcached sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

CVE-2015-4913

Severity / CVSSv2 | Low / 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P) References| SecurityFocus: BID 77153 / NVD: CVE-2015-4913 Impact| Denial of service Description | A flaw in the Server: DML sub-component allows a remote authenticated attacker to cause the server application to hang or repeatedly crash, resulting in denial of service.

REFERENCES

Oracle Critical Patch Update Advisory (October 2015) - <https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL&gt;

REVISION

2016-11-01 Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support. SA status moved to Final.
2016-06-11 PolicyCenter S-Series is not vulnerable.
2016-05-11 No Cloud Data Protection products are vulnerable.
2016-04-24 Mail Threat Defense is not vulnerable.
2016-03-10 A fix for MAA 4.2 is available in 4.2.8. It was previously reported that MAA 4.2 is vulnerable to CVE-2015-4730, CVE-2015-4766, CVE-2015-4791, CVE-2015-4807, CVE-2015-4833, CVE-2015-4862, CVE-2015-4866, CVE-2015-4890, CVE-2015-4895, CVE-2015-4904, CVE-2015-4905, and CVE-2015-4910. Further investigation has shown that MAA 4.2 is not vulnerable to those CVEs.
2015-12-17 initial public release