Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10553
HistoryApr 16, 2015 - 12:00 a.m.

KLA10553 Denial of service vulnerabilities in Oracle MySQL

2015-04-1600:00:00
Kaspersky Lab
threats.kaspersky.com
29

5.7 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:N/I:N/A:C

5.8 Medium

AI Score

Confidence

Low

0.892 High

EPSS

Percentile

98.8%

JSON

An unspecified vulnerabilities were found in Oracle MySQL. By exploiting these vulnerabilities malicious users can affect availability. These vulnerabilities can be exploited remotely via an unknown vectors related to InnoDB, Federated, DDL, Partition, SP, XA, Encryption and other unknown vectors.

Original advisories

Oracle bulletin

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Oracle-MySQL

CVE list

CVE-2014-3569 warning

CVE-2015-0508 warning

CVE-2015-0498 warning

CVE-2015-0499 warning

CVE-2015-0433 warning

CVE-2015-0438 warning

CVE-2015-0439 warning

CVE-2015-0506 warning

CVE-2015-0507 warning

CVE-2015-0505 warning

CVE-2015-0503 warning

CVE-2015-0500 warning

CVE-2015-0501 high

CVE-2015-0405 warning

CVE-2015-0423 warning

CVE-2015-0441 warning

CVE-2015-2573 warning

CVE-2015-2571 warning

CVE-2015-2568 warning

CVE-2015-2567 warning

CVE-2015-2566 warning

CVE-2015-0511 warning

Solution

Update to the latest version

Get MySQL

Impacts

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.

Affected Products

  • Oracle MySQL Server 5.6 versions earlier than 5.6.24Oracle MySQL Server versions earlier than 5.5.43

Related

openvas 28
gentoo 1
f5 2
nessus 28
ibm 1
slackware 2
osv 3
debian 4
ubuntu 1
suse 3
securityvulns 2
mageia 1
archlinux 1
veracode 12
redhat 4
nvd 18
cvelist 19
prion 18
cve 19
ubuntucve 19
oraclelinux 2
centos 2
openssl 1
mariadbunix 6
checkpoint_advisories 1
oracle 1
openvas
openvas
Gentoo Security Advisory GLSA 201507-19
2015-09-29 00:00:00
Oracle MySQL Multiple Unspecified vulnerabilities-04 (Apr 2015) - Windows
2015-04-22 00:00:00
Oracle MySQL Multiple Unspecified Vulnerabilities-04 (Jun 2016) - Linux
2016-06-03 00:00:00
gentoo
gentoo
MySQL: Multiple vulnerabilities
2015-07-10 00:00:00
f5
f5
SOL17115 - Multiple MySQL vulnerabilities
2015-08-14 00:00:00
K17115 : Multiple MySQL vulnerabilities
2015-10-20 00:00:00
nessus
nessus
GLSA-201507-19 : MySQL: Multiple vulnerabilities
2015-09-23 00:00:00
MySQL 5.5.x < 5.5.43 / 5.6.x < 5.6.24 Multiple DoS Vulnerabilities (April 2015 CPU)
2015-04-15 00:00:00
MySQL 5.5.x < 5.5.42 / 5.6.x < 5.6.23 Multiple DoS Vulnerabilities (April 2015 CPU)
2015-04-15 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities have been identified in Oracle MySQL shipped with IBM Tivoli Network Manager IP Edition (Oracle Advisory - April 2015)
2018-06-17 15:01:46
slackware
slackware
[slackware-security] mysql
2015-05-12 07:24:16
[slackware-security] mariadb
2015-05-12 07:24:00
osv
osv
mysql-5.5 - security update
2015-04-19 00:00:00
mariadb-10.0 - security update
2015-07-20 00:00:00
mysql-5.5 packages as an option announcement
2015-12-16 00:00:00
debian
debian
[SECURITY] [DSA 3229-1] mysql-5.5 security update
2015-04-19 06:02:46
[SECURITY] [DSA 3229-1] mysql-5.5 security update
2015-04-19 06:02:46
[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 05:25:41
ubuntu
ubuntu
MySQL vulnerabilities
2015-04-21 00:00:00
suse
suse
Security update for MySQL (important)
2015-05-26 15:04:53
Security update for mariadb (important)
2015-07-21 16:08:23
Security update for MariaDB (important)
2015-07-09 17:08:05
securityvulns
securityvulns
[SECURITY] [DSA 3311-1] mariadb-10.0 security update
2015-07-20 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-04-17 00:00:00
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2015-05-06 18:16:01
archlinux
archlinux
mariadb: denial of service
2015-05-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:52
Denial Of Service (DoS)
2019-05-02 05:17:52
redhat
redhat
(RHSA-2015:1665) Moderate: mariadb security update
2015-08-24 00:00:00
(RHSA-2015:1629) Moderate: mysql55-mysql security update
2015-08-17 00:00:00
(RHSA-2015:1647) Moderate: mariadb55-mariadb security update
2015-08-20 00:00:00
nvd
nvd
CVE-2015-0508
2015-04-16 16:59:56
CVE-2015-0506
2015-04-16 16:59:54
CVE-2015-2567
2015-04-16 17:00:01
cvelist
cvelist
CVE-2015-0506
2015-04-16 16:00:00
CVE-2015-0508
2015-04-16 16:00:00
CVE-2015-2567
2015-04-16 16:00:00
prion
prion
Design/Logic Flaw
2015-04-16 16:59:00
Design/Logic Flaw
2015-04-16 16:59:00
Design/Logic Flaw
2015-04-16 17:00:00
cve
cve
CVE-2015-0508
2015-04-16 16:59:56
CVE-2015-0506
2015-04-16 16:59:54
CVE-2015-2567
2015-04-16 17:00:01
ubuntucve
ubuntucve
CVE-2015-0506
2015-04-16 00:00:00
CVE-2015-0508
2015-04-16 00:00:00
CVE-2015-2567
2015-04-16 00:00:00
oraclelinux
oraclelinux
mariadb security update
2015-08-24 00:00:00
mysql55-mysql security update
2015-08-17 00:00:00
centos
centos
mariadb security update
2015-08-25 16:08:22
mysql55 security update
2015-08-17 15:20:46
openssl
openssl
Vulnerability in OpenSSL CVE-2014-3569
2014-10-21 00:00:00
mariadbunix
mariadbunix
CVE-2015-2571
2015-04-16 17:00:00
CVE-2015-0501
2015-04-16 16:59:00
CVE-2015-2573
2015-04-16 17:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL ssl23_get_client_hello Function Denial of Service (CVE-2014-3569)
2015-01-12 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2015
2015-04-14 00:00:00

5.7 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:M/C:N/I:N/A:C

5.8 Medium

AI Score

Confidence

Low

0.892 High

EPSS

Percentile

98.8%

JSON
Related for KLA10553
openvas28gentoo1f52nessus28ibm1slackware2osv3debian4ubuntu1suse3securityvulns2mageia1archlinux1veracode12redhat4nvd18cvelist19prion18cve19ubuntucve19oraclelinux2centos2openssl1mariadbunix6checkpoint_advisories1oracle1