Korean
<< Back
VID 25257
Severity 30
Port 3306
Protocol TCP
Class DB
Detailed Description The version of MariaDB running on the remote host is prior to 10.1.x prior to 10.1.27. It is, therefore, affected by multiple vulnerabilities.

- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) (CVE-2017-3308, CVE-2017-3456, CVE-2017-3641)

- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) (CVE-2017-3309, CVE-2017-3453)

- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL) (CVE-2017-3464, CVE-2017-3653)

- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs) (CVE-2017-3636, CVE-2017-10379)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB) (CVE-2017-10286)

* references :
https://mariadb.com/kb/en/mariadb/mariadb-10127-changelog/
https://mariadb.com/kb/en/library/security/
Recommendation Upgrade to the latest version of MariaDB (10.1.27 or later), available from the MariaDB Web site at https://downloads.mariadb.org/
Related URL CVE-2017-3308,CVE-2017-3309,CVE-2017-3453,CVE-2017-3456,CVE-2017-3464,CVE-2017-3636,CVE-2017-3641,CVE-2017-3653,CVE-2017-10286,CVE-2017-10379 (CVE)
Related URL 97725,97742,97776,97818,97831,99736,99767,99810,101397,101415,101406 (SecurityFocus)
Related URL (ISS)