Lucene search

[email protected]CVE-2014-0001

HistoryJan 31, 2014 - 11:55 p.m.

CVE-2014-0001

2014-01-3123:55:04

CWE-119

[email protected]

web.nvd.nist.gov

110

mysql

mariadb

buffer overflow

cve-2014-0001

security vulnerability

remote exploitation

denial of service

code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.952 High

EPSS

Percentile

99.4%

JSON

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

Affected configurations

NVD

Node

mariadbmariadbRange≤5.5.34

Node

redhatenterprise_linuxMatch5

redhatenterprise_linuxMatch5client_workstation

redhatenterprise_linuxMatch5server

redhatenterprise_linuxMatch6.0

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_workstationMatch6.0

Node

oraclemysqlMatch5.5.0

oraclemysqlMatch5.5.1

oraclemysqlMatch5.5.2

oraclemysqlMatch5.5.3

oraclemysqlMatch5.5.4

oraclemysqlMatch5.5.5

oraclemysqlMatch5.5.6

oraclemysqlMatch5.5.7

oraclemysqlMatch5.5.9

oraclemysqlMatch5.5.10

oraclemysqlMatch5.5.11

oraclemysqlMatch5.5.12

oraclemysqlMatch5.5.13

oraclemysqlMatch5.5.14

oraclemysqlMatch5.5.15

oraclemysqlMatch5.5.16

oraclemysqlMatch5.5.17

oraclemysqlMatch5.5.18

oraclemysqlMatch5.5.19

oraclemysqlMatch5.5.20

oraclemysqlMatch5.5.21

oraclemysqlMatch5.5.22

oraclemysqlMatch5.5.23

oraclemysqlMatch5.5.24

oraclemysqlMatch5.5.25

oraclemysqlMatch5.5.25a

oraclemysqlMatch5.5.26

oraclemysqlMatch5.5.27

oraclemysqlMatch5.5.28

oraclemysqlMatch5.5.29

oraclemysqlMatch5.5.30

oraclemysqlMatch5.5.31

oraclemysqlMatch5.5.32

oraclemysqlMatch5.5.33

oraclemysqlMatch5.5.34

oraclemysqlMatch5.5.35

oraclemysqlMatch5.5.36

Node

oraclemysqlMatch5.6.0

oraclemysqlMatch5.6.1

oraclemysqlMatch5.6.2

oraclemysqlMatch5.6.3

oraclemysqlMatch5.6.4

oraclemysqlMatch5.6.5

oraclemysqlMatch5.6.6

oraclemysqlMatch5.6.7

oraclemysqlMatch5.6.8

oraclemysqlMatch5.6.9

oraclemysqlMatch5.6.10

oraclemysqlMatch5.6.11

oraclemysqlMatch5.6.12

oraclemysqlMatch5.6.13

oraclemysqlMatch5.6.14

oraclemysqlMatch5.6.15

oraclemysqlMatch5.6.16

CPENameOperatorVersion
mariadb:mariadbmariadble5.5.34

CPE	Name	Operator	Version
mariadb:mariadb	mariadb	le	5.5.34

References

bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64

osvdb.org/102713

rhn.redhat.com/errata/RHSA-2014-0164.html

rhn.redhat.com/errata/RHSA-2014-0173.html

rhn.redhat.com/errata/RHSA-2014-0186.html

rhn.redhat.com/errata/RHSA-2014-0189.html

secunia.com/advisories/52161

security.gentoo.org/glsa/glsa-201409-04.xml

www.mandriva.com/security/advisories?name=MDVSA-2014:029

www.osvdb.org/102714

www.securityfocus.com/bid/65298

www.securitytracker.com/id/1029708

bugzilla.redhat.com/show_bug.cgi?id=1054592

exchange.xforce.ibmcloud.com/vulnerabilities/90901

mariadb.com/kb/en/mariadb-5535-changelog/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.952 High

EPSS

Percentile

99.4%

JSON

Related for CVE-2014-0001

nessus22 openvas35 slackware1 ubuntucve1 checkpoint_advisories1 prion1 nvd1 cvelist1 debian3 osv2 oraclelinux2 veracode7 centos4 amazon1 redhat4 fedora8 ubuntu1 suse1 gentoo1 oracle1