Veracode Vulnerability DatabaseVERACODE:16851Denial Of Service (DoS)
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
Oracle MySQL Server is vulnerable to denial of service (DoS) attacks. An authenticated user is able to manipulate the component Replication with an unknown input which may crashes the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rh-mysql56-mysql | eq | 5.6.26__1.el6 | |
| rh-mysql56-mysql | eq | 5.6.24__3.el6 | |
| rh-mysql56-mysql | eq | 5.6.26__1.el6 | |
| rh-mysql56-mysql | eq | 5.6.24__3.el6 |
References
rhn.redhat.com/errata/RHSA-2016-0705.html
rhn.redhat.com/errata/RHSA-2016-0705.html
www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html#AppendixMSQL
www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL
www.securityfocus.com/bid/77231
www.securityfocus.com/bid/77231
www.securitytracker.com/id/1033894
www.securitytracker.com/id/1033894
www.ubuntu.com/usn/USN-2781-1
www.ubuntu.com/usn/USN-2781-1
access.redhat.com/errata/RHSA-2016:0705
access.redhat.com/security/cve/CVE-2016-3452
access.redhat.com/security/cve/CVE-2016-3471
access.redhat.com/security/cve/CVE-2016-5444
access.redhat.com/security/updates/classification/#critical
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-27.html
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-29.html
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-30.html
Related
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P