Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2013:250 | First vendor Publication | 2013-10-17 |
Vendor | Mandriva | Last vendor Modification | 2013-10-17 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in mysql: Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a Security Fix, aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility (CVE-2012-2750). Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer (CVE-2013-3839). The updated packages have been upgraded to the 5.1.72 version which is not vulnerable to these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:19679 | |||
Oval ID: | oval:org.mitre.oval:def:19679 | ||
Title: | DSA-2780-1 mysql-5.1 - several | ||
Description: | This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component: <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html">http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html</a> | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2780-1 CVE-2012-2750 CVE-2013-3839 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | mysql-5.1 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-10-17 | IAVM : 2013-A-0201 - Multiple Vulnerabilities in Oracle MySQL Products Severity : Category I - VMSKEY : V0040782 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO |
2014-09-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201409-04.nasl - Type : ACT_GATHER_INFO |
2014-03-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0189.nasl - Type : ACT_GATHER_INFO |
2014-03-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0173.nasl - Type : ACT_GATHER_INFO |
2014-02-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0186.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140218_mysql55_mysql_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0186.nasl - Type : ACT_GATHER_INFO |
2014-02-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0186.nasl - Type : ACT_GATHER_INFO |
2013-12-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2818.nasl - Type : ACT_GATHER_INFO |
2013-11-14 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-240.nasl - Type : ACT_GATHER_INFO |
2013-11-11 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19601.nasl - Type : ACT_GATHER_INFO |
2013-11-02 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19648.nasl - Type : ACT_GATHER_INFO |
2013-11-02 | Name : The remote Fedora host is missing a security update. File : fedora_2013-19654.nasl - Type : ACT_GATHER_INFO |
2013-10-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2006-1.nasl - Type : ACT_GATHER_INFO |
2013-10-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2780.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote database server may be affected by multiple vulnerabilities. File : mysql_5_6_13.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote database server may be affected by multiple vulnerabilities. File : mysql_5_5_33.nasl - Type : ACT_GATHER_INFO |
2013-10-16 | Name : The remote database server may be affected by a denial of service vulnerability. File : mysql_5_1_71.nasl - Type : ACT_GATHER_INFO |
2013-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201308-06.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1462.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121114_mysql_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-11-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO |
2012-11-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1462.nasl - Type : ACT_GATHER_INFO |
2012-07-13 | Name : The remote database server is affected by multiple unspecified vulnerabilities. File : mysql_5_5_23.nasl - Type : ACT_GATHER_INFO |
2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2496.nasl - Type : ACT_GATHER_INFO |
2012-06-11 | Name : The remote database server is affected by multiple vulnerabilities. File : mysql_5_1_63.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2013-10-17 13:19:58 |
|