| VID |
25258 |
| Severity |
30 |
| Port |
3306 |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
The version of MariaDB running on the remote host is 10.2.x prior to 10.2.10. It is, therefore, affected by multiple vulnerabilities.
- Crash in libmysqlclient.so in Oracle MySQL (CVE-2017-3302)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM) (CVE-2017-3313)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer) (CVE-2017-3453)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML) (CVE-2017-3456)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL) (CVE-2017-3464)
- Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs) (CVE-2017-3636)
* references :
https://mariadb.com/kb/en/mariadb/mariadb-10210-changelog/
https://mariadb.com/kb/en/library/security/ |
| Recommendation |
Upgrade to the latest version of MariaDB (10.2.10 or later), available from the MariaDB Web site at https://downloads.mariadb.org/ |
| Related URL |
CVE-2017-3302,CVE-2017-3308,CVE-2017-3309,CVE-2017-3313,CVE-2017-3453,CVE-2017-3456,CVE-2017-3464,CVE-2017-3636,CVE-2017-3641,CVE-2017-3653 (CVE) |
| Related URL |
95527,96162,97725,97742,97776,97831,99736,99767,99810,101390,101375,101415,101406 (SecurityFocus) |
| Related URL |
(ISS) |
|
