| VID |
25190 |
| Severity |
40 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of MySQL running on the remote host is 5.5.x prior to 5.5.52. It is, therefore, affected by multiple vulnerabilities :
- An unspecified flaw exists that allows an authenticated, remote attacker to bypass restrictions and create the /var/lib/mysql/my.cnf file with custom contents without the FILE privilege requirement. (CVE-2016-6663)
- A flaw exists that is related to the use of temporary files by REPAIR TABLE. An authenticated, remote attacker can exploit this to gain elevated privileges.
- A buffer overflow condition exists when handling long integer values in MEDIUMINT columns due to the improper validation of certain input. An authenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code.
- An unspecified flaw exists due to how a prepared statement uses a parameter in the select list of a derived table that was part of a join. An authenticated, remote attacker can exploit this to cause a server exit, resulting in a denial of service condition.
* Note: This check solely relied on the banner of the remote MySQL server to assess this vulnerability, so this might be a false positive.
* References:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
* Platforms Affected:
MariaDB versions 5.5.x prior to 5.5.52
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of MySQL (5.5.52 or later), available from the MySQL Web site at http://www.mysql.com/ |
| Related URL |
CVE-2016-6663 (CVE) |
| Related URL |
92911 (SecurityFocus) |
| Related URL |
(ISS) |
|
