Executive Summary
Summary | |
---|---|
Title | mysql-5.1 security update |
Informations | |||
---|---|---|---|
Name | DSA-2429 | First vendor Publication | 2012-03-07 |
Vendor | Debian | Last vendor Modification | 2012-03-07 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:S/C:P/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.5 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Low |
Cvss Expoit Score | 8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects. These changes are described in the MySQL release notes at: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html For the stable distribution (squeeze), these problems have been fixed in version 5.1.61-0+squeeze1. For the unstable distribution (sid), these problems have been fixed in version 5.1.61-2. We recommend that you upgrade your mysql-5.1 packages. |
Original Source
Url : http://www.debian.org/security/2012/dsa-2429 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15023 | |||
Oval ID: | oval:org.mitre.oval:def:15023 | ||
Title: | DSA-2429-1 mysql-5.1 -- several | ||
Description: | Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2429-1 CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112 CVE-2012-0113 CVE-2012-0114 CVE-2012-0115 CVE-2012-0116 CVE-2012-0118 CVE-2012-0119 CVE-2012-0120 CVE-2012-0484 CVE-2012-0485 CVE-2012-0490 CVE-2012-0492 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | mysql-5.1 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20957 | |||
Oval ID: | oval:org.mitre.oval:def:20957 | ||
Title: | RHSA-2012:0127: mysql security update (Moderate) | ||
Description: | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0127-01 CESA-2012:0127 CVE-2010-1849 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0114 CVE-2012-0484 CVE-2012-0490 | Version: | 107 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | mysql |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23295 | |||
Oval ID: | oval:org.mitre.oval:def:23295 | ||
Title: | ELSA-2012:0127: mysql security update (Moderate) | ||
Description: | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0127-01 CVE-2010-1849 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0114 CVE-2012-0484 CVE-2012-0490 | Version: | 37 |
Platform(s): | Oracle Linux 5 | Product(s): | mysql |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-07-30 | Name : CentOS Update for mysql CESA-2012:0105 centos6 File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl |
2012-07-30 | Name : CentOS Update for mysql CESA-2012:0127 centos5 File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl |
2012-07-09 | Name : RedHat Update for mysql RHSA-2012:0105-01 File : nvt/gb_RHSA-2012_0105-01_mysql.nasl |
2012-04-30 | Name : Debian Security Advisory DSA 2429-1 (mysql-5.1) File : nvt/deb_2429_1.nasl |
2012-04-02 | Name : Fedora Update for mysql FEDORA-2012-0972 File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl |
2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
2012-02-21 | Name : RedHat Update for mysql RHSA-2012:0127-01 File : nvt/gb_RHSA-2012_0127-01_mysql.nasl |
2012-02-13 | Name : Fedora Update for mysql FEDORA-2012-0987 File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78393 | Oracle MySQL Server Unspecified Remote DoS (2012-0492) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78391 | Oracle MySQL Server Unspecified Remote DoS (2012-0112) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78388 | Oracle MySQL Server Unspecified Remote DoS (2012-0490) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78383 | Oracle MySQL Server Unspecified Remote DoS (2012-0485) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78382 | Oracle MySQL Server Unspecified Remote DoS (2012-0120) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78381 | Oracle MySQL Server Unspecified Remote DoS (2012-0119) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78380 | Oracle MySQL Server Unspecified Remote DoS (2012-0115) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78376 | Oracle MySQL Server Unspecified Remote DoS (2011-2262) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service, resulting in a loss of availability. |
78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote attacker to cause a loss of integrity. |
78373 | Oracle MySQL Server Unspecified Local Issue Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a local attacker to cause a loss in confidentiality and integrity. |
78372 | Oracle MySQL Server Unspecified Remote Information Disclosure Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote information disclosure, resulting in a loss of confidentiality. |
78370 | Oracle MySQL Server Unspecified Remote Issue (2012-0118) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service or information disclosure, resulting in a loss of availability and confidentiality. |
78369 | Oracle MySQL Server Unspecified Remote Issue (2012-0116) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote authenticated attacker to cause a loss of confidentiality and integrity. |
78368 | Oracle MySQL Server Unspecified Remote Issue (2012-0113) Oracle MySQL Server contains an unspecified flaw related to the MySQL Protocol that may allow a remote denial of service or information disclosure, resulting in a loss of availability and confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10601.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL14410.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-274.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-273.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-44.nasl - Type : ACT_GATHER_INFO |
2013-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0127.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0105.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmysqlclient-devel-120731.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120208_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-03-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1397-1.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2429.nasl - Type : ACT_GATHER_INFO |
2012-02-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0127.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0127.nasl - Type : ACT_GATHER_INFO |
2012-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0987.nasl - Type : ACT_GATHER_INFO |
2012-02-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0105.nasl - Type : ACT_GATHER_INFO |
2012-02-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0105.nasl - Type : ACT_GATHER_INFO |
2012-02-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0972.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_1_61.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_5_20.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_0_95.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-07-21 09:21:30 |
|
2016-04-26 21:50:33 |
|
2014-02-17 11:30:55 |
|
2013-05-11 00:44:20 |
|
2012-12-21 21:22:05 |
|