Ubuntu.comUB:CVE-2013-2391CVE-2013-2391
3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
25.3%
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and
earlier, and 5.6.10 and earlier allows local users to affect
confidentiality and integrity via unknown vectors related to Server
Install.
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 11.10 | noarch | mysql-5.1 | < 5.1.69-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.13.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | mysql-dfsg-5.1 | < 5.1.69-0ubuntu0.10.04.1 | UNKNOWN |
References
www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
launchpad.net/bugs/cve/CVE-2013-2391
nvd.nist.gov/vuln/detail/CVE-2013-2391
security-tracker.debian.org/tracker/CVE-2013-2391
ubuntu.com/security/notices/USN-1807-1
ubuntu.com/security/notices/USN-1807-2
www.cve.org/CVERecord?id=CVE-2013-2391
Related
3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:S/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
25.3%