Executive Summary
Summary | |
---|---|
Title | mysql-5.5 security update |
Informations | |||
---|---|---|---|
Name | DSA-2985 | First vendor Publication | 2014-07-22 |
Vendor | Debian | Last vendor Modification | 2014-07-22 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.38. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.38-0+wheezy1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your mysql-5.5 packages. |
Original Source
Url : http://www.debian.org/security/2014/dsa-2985 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:25101 | |||
Oval ID: | oval:org.mitre.oval:def:25101 | ||
Title: | USN-2291-1 -- mysql-5.5 vulnerabilities | ||
Description: | Several security issues were fixed in MySQL. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2291-1 CVE-2014-2494 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 | Version: | 3 |
Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | mysql-5.5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26099 | |||
Oval ID: | oval:org.mitre.oval:def:26099 | ||
Title: | DSA-2985-1 -- mysql-5.5 - security update | ||
Description: | Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.38. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2985-1 CVE-2014-2494 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | mysql-5.5 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-07-17 | IAVM : 2014-A-0106 - Multiple Vulnerabilities in Oracle MySQL Product Suite Severity : Category I - VMSKEY : V0053189 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0743-1.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-091.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1859.nasl - Type : ACT_GATHER_INFO |
2014-11-21 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1861.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1859.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1861.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1859.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1861.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141117_mariadb_on_SL7_x.nasl - Type : ACT_GATHER_INFO |
2014-11-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141117_mysql55_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-08-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysql55client18-140819.nasl - Type : ACT_GATHER_INFO |
2014-08-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysql55client18-140820.nasl - Type : ACT_GATHER_INFO |
2014-07-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2985.nasl - Type : ACT_GATHER_INFO |
2014-07-18 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2291-1.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_5_38.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_6_19.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-07-24 13:25:34 |
|
2014-07-22 21:22:04 |
|