Nessus (Tenable) 9618.PRM
History: Sep 30, 2016 - 12:00 a.m.

Oracle MySQL 5.7.x < 5.7.15 Multiple Vulnerabilities

2016-09-30 00:00:00
Tenable
www.tenable.com

CVSS2: 6.8
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: SINGLE
  Confidentiality Impact: NONE
  Integrity Impact: NONE
  Availability Impact: COMPLETE
  Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3: 7
  Attack Vector: LOCAL
  Attack Complexity: HIGH
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.003
  Percentile: 71.5%

The version of MySQL installed on the remote host is 5.7.x prior to 5.7.15 and is affected by multiple issues:

  • A flaw exists related to the way ‘REPAIR TABLE’ uses temporary files. This may allow an authenticated attacker to gain elevated privileges.
  • A flaw exists in InnoDB that is triggered during the handling of an operation that dropped and created a full-text search table. This may allow an authenticated attacker to trigger an assertion and cause a denial of service.
  • A flaw exists in InnoDB that is triggered when accessing full-text search auxiliary tables while dropping the indexed table. This may allow an authenticated attacker to trigger an assertion and cause a denial of service.
  • An overflow condition exists that is triggered as certain input is not properly validated when handling long integer values in ‘MEDIUMINT’ columns. This may allow an authenticated attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
  • A flaw exists in the ‘validate_password’ plugin that is triggered as rejected passwords are logged in plaintext in the error log. This may allow a local attacker to gain access to passwords that did not meet the password policy, but may potentially be very close to the password ultimately chosen and accepted.
  • A flaw exists in InnoDB that is triggered during the handling of an ‘ALTER TABLE … ENCRYPTION=Y, ALGORITHM=COPY’ operation on a table residing in the system tablespace. This may allow an authenticated attacker to crash the server.
  • An unspecified flaw exists related to the Optimizer subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-3492)
  • An unspecified flaw exists related to the InnoDB subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5507)
  • An unspecified flaw exists related to the MyISAM subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5616)
  • An unspecified flaw exists related to the Error Handling subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5617)
  • An unspecified flaw exists related to the Packaging subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5625)
  • An unspecified flaw exists related to the GIS subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5626)
  • An unspecified flaw exists related to the Federated subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5629)
  • An unspecified flaw exists related to the Optimizer subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5632)
  • An unspecified flaw exists related to the Types subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-8283)
  • An unspecified flaw exists related to the Security: Privileges subcomponent. This may allow an authenticated remote attacker to disclose potentially sensitive information. No further details have been provided by the vendor. (CVE-2016-8286)