CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
83.3%
According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server:
Optimizer.(CVE-2016-3492)
Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.(CVE-2016-5612)
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM.(CVE-2016-5616i1/4%0
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.i1/4^CVE-2016-5624i1/4%0
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.i1/4^CVE-2016-5626i1/4%0
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server:
Federated.i1/4^CVE-2016-5629i1/4%0
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15 MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17 and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.i1/4^CVE-2016-6662i1/4%0
A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user.i1/4^CVE-2016-6663i1/4%0
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server:
Types.i1/4^CVE-2016-8283i1/4%0
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(99824);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id(
"CVE-2016-3492",
"CVE-2016-5612",
"CVE-2016-5616",
"CVE-2016-5624",
"CVE-2016-5626",
"CVE-2016-5629",
"CVE-2016-6662",
"CVE-2016-6663",
"CVE-2016-8283"
);
script_name(english:"EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1062)");
script_summary(english:"Checks the rpm output for the updated packages.");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the mariadb packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier, 5.6.32 and earlier, and 5.7.14 and earlier
allows remote authenticated users to affect
availability via vectors related to Server:
Optimizer.(CVE-2016-3492)
- Unspecified vulnerability in Oracle MySQL 5.5.50 and
earlier, 5.6.31 and earlier, and 5.7.13 and earlier
allows remote authenticated users to affect
availability via vectors related to DML.(CVE-2016-5612)
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier, 5.6.32 and earlier, and 5.7.14 and earlier
allows local users to affect confidentiality,
integrity, and availability via vectors related to
Server: MyISAM.(CVE-2016-5616i1/4%0
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier allows remote authenticated users to affect
availability via vectors related to
DML.i1/4^CVE-2016-5624i1/4%0
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier, 5.6.32 and earlier, and 5.7.14 and earlier
allows remote authenticated users to affect
availability via vectors related to
GIS.i1/4^CVE-2016-5626i1/4%0
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier, 5.6.32 and earlier, and 5.7.14 and earlier
allows remote administrators to affect availability via
vectors related to Server:
Federated.i1/4^CVE-2016-5629i1/4%0
- Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and
5.7.x through 5.7.15 MariaDB before 5.5.51, 10.0.x
before 10.0.27, and 10.1.x before 10.1.17 and Percona
Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0,
and 5.7.x before 5.7.14-7 allow local users to create
arbitrary configurations and bypass certain protection
mechanisms by setting general_log_file to a my.cnf
configuration. NOTE: this can be leveraged to execute
arbitrary code with root privileges by setting
malloc_lib.i1/4^CVE-2016-6662i1/4%0
- A race condition was found in the way MySQL performed
MyISAM engine table repair. A database user with shell
access to the server running mysqld could use this flaw
to change permissions of arbitrary files writable by
the mysql system user.i1/4^CVE-2016-6663i1/4%0
- Unspecified vulnerability in Oracle MySQL 5.5.51 and
earlier, 5.6.32 and earlier, and 5.7.14 and earlier
allows remote authenticated users to affect
availability via vectors related to Server:
Types.i1/4^CVE-2016-8283i1/4%0
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1062
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a6d2a717");
script_set_attribute(attribute:"solution", value:
"Update the affected mariadb packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"patch_publication_date", value:"2016/11/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-bench");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-embedded");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:mariadb-test");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["mariadb-5.5.52-1",
"mariadb-bench-5.5.52-1",
"mariadb-devel-5.5.52-1",
"mariadb-embedded-5.5.52-1",
"mariadb-libs-5.5.52-1",
"mariadb-server-5.5.52-1",
"mariadb-test-5.5.52-1"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mariadb");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5629
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8283
www.nessus.org/u?a6d2a717
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
83.3%