Download
| Alert*
oval:org.secpod.oval:def:1600088
mysql55 is installed oval:org.secpod.oval:def:1600261 This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. oval:org.secpod.oval:def:1600887 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromis ... oval:org.secpod.oval:def:1600914 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.60 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability ... oval:org.secpod.oval:def:1600814 Vulnerability in the MySQL Server component of Oracle MySQL . Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete ... oval:org.secpod.oval:def:1600845 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Succe ... oval:org.secpod.oval:def:1601254 A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon oval:org.secpod.oval:def:1601361 sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote ... oval:org.secpod.oval:def:1600087 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.39 and earlier and 5.6.20 and earlier. Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can res ... oval:org.secpod.oval:def:1600136 This update fixes numerous unspecified vulnerabilities in the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier. oval:org.secpod.oval:def:1600496 The following security-related issues were fixed:CVE-2017-3238 Server: Optimizer unspecified vulnerability CVE-2017-3243 Server: Charsets unspecified vulnerability CVE-2017-3244 Server: DML unspecified vulnerability CVE-2017-3258 Server: DDL unspecified vulnerability CVE-2017-3313 Server: MyISAM uns ... oval:org.secpod.oval:def:1600461 It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. oval:org.secpod.oval:def:1600699 Server: Security: Privileges unspecified vulnerability :Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with networ ... oval:org.secpod.oval:def:1600760 Server: Charsets unspecified vulnerability Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via ... oval:org.secpod.oval:def:1600443 It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. Unspecified vuln ... oval:org.secpod.oval:def:1600958 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server exe ... |