Executive Summary

Summary
Titlemysql-5.1 security update
Informations
NameDSA-2429First vendor Publication2012-03-07
VendorDebianLast vendor Modification2012-03-07
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:N/A:P)
Cvss Base Score5.5Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL release notes at: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html

For the stable distribution (squeeze), these problems have been fixed in version 5.1.61-0+squeeze1.

For the unstable distribution (sid), these problems have been fixed in version 5.1.61-2.

We recommend that you upgrade your mysql-5.1 packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2429

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:20957
 
Oval ID: oval:org.mitre.oval:def:20957
Title: RHSA-2012:0127: mysql security update (Moderate)
Description: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
Family: unix Class: patch
Reference(s): RHSA-2012:0127-01
CESA-2012:0127
CVE-2010-1849
CVE-2012-0075
CVE-2012-0087
CVE-2012-0101
CVE-2012-0102
CVE-2012-0114
CVE-2012-0484
CVE-2012-0490
Version: 107
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): mysql
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23295
 
Oval ID: oval:org.mitre.oval:def:23295
Title: ELSA-2012:0127: mysql security update (Moderate)
Description: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
Family: unix Class: patch
Reference(s): ELSA-2012:0127-01
CVE-2010-1849
CVE-2012-0075
CVE-2012-0087
CVE-2012-0101
CVE-2012-0102
CVE-2012-0114
CVE-2012-0484
CVE-2012-0490
Version: 34
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application155
Application45

OpenVAS Exploits

DateDescription
2012-07-30Name : CentOS Update for mysql CESA-2012:0105 centos6
File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl
2012-07-30Name : CentOS Update for mysql CESA-2012:0127 centos5
File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl
2012-07-09Name : RedHat Update for mysql RHSA-2012:0105-01
File : nvt/gb_RHSA-2012_0105-01_mysql.nasl
2012-04-30Name : Debian Security Advisory DSA 2429-1 (mysql-5.1)
File : nvt/deb_2429_1.nasl
2012-04-02Name : Fedora Update for mysql FEDORA-2012-0972
File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl
2012-03-16Name : Ubuntu Update for mysql-5.1 USN-1397-1
File : nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-21Name : RedHat Update for mysql RHSA-2012:0127-01
File : nvt/gb_RHSA-2012_0127-01_mysql.nasl
2012-02-13Name : Fedora Update for mysql FEDORA-2012-0987
File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
78393Oracle MySQL Server Unspecified Remote DoS (2012-0492)
78391Oracle MySQL Server Unspecified Remote DoS (2012-0112)
78388Oracle MySQL Server Unspecified Remote DoS (2012-0490)
78383Oracle MySQL Server Unspecified Remote DoS (2012-0485)
78382Oracle MySQL Server Unspecified Remote DoS (2012-0120)
78381Oracle MySQL Server Unspecified Remote DoS (2012-0119)
78380Oracle MySQL Server Unspecified Remote DoS (2012-0115)
78379Oracle MySQL Server Unspecified Remote DoS (2012-0102)
78378Oracle MySQL Server Unspecified Remote DoS (2012-0101)
78377Oracle MySQL Server Unspecified Remote DoS (2012-0087)
78376Oracle MySQL Server Unspecified Remote DoS (2011-2262)
78374Oracle MySQL Server Unspecified Remote Issue (2012-0075)
78373Oracle MySQL Server Unspecified Local Issue
78372Oracle MySQL Server Unspecified Remote Information Disclosure
78370Oracle MySQL Server Unspecified Remote Issue (2012-0118)
78369Oracle MySQL Server Unspecified Remote Issue (2012-0116)
78368Oracle MySQL Server Unspecified Remote Issue (2012-0113)

Nessus® Vulnerability Scanner

DateDescription
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-44.nasl - Type : ACT_GATHER_INFO
2013-08-30Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0105.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0127.nasl - Type : ACT_GATHER_INFO
2013-01-25Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libmysqlclient-devel-120731.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120208_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120213_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-03-13Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO
2012-03-08Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2429.nasl - Type : ACT_GATHER_INFO
2012-02-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0127.nasl - Type : ACT_GATHER_INFO
2012-02-14Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0127.nasl - Type : ACT_GATHER_INFO
2012-02-13Name : The remote Fedora host is missing a security update.
File : fedora_2012-0987.nasl - Type : ACT_GATHER_INFO
2012-02-10Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0105.nasl - Type : ACT_GATHER_INFO
2012-02-09Name : The remote Fedora host is missing a security update.
File : fedora_2012-0972.nasl - Type : ACT_GATHER_INFO
2012-02-09Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0105.nasl - Type : ACT_GATHER_INFO
2012-01-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_0_95.nasl - Type : ACT_GATHER_INFO
2012-01-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_1_61.nasl - Type : ACT_GATHER_INFO
2012-01-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_5_5_20.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 11:30:55
  • Multiple Updates
2013-05-11 00:44:20
  • Multiple Updates
2012-12-21 21:22:05
  • Multiple Updates