5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.892 High
EPSS
Percentile
98.8%
The version of MySQL running on the remote host is version 5.5.x prior to 5.5.42 or version 5.6.x prior to 5.6.23. It is, therefore, potentially affected by multiple denial of service vulnerabilities :
A NULL pointer dereference flaw exists when the SSLv3 option isn’t enabled and an SSLv3 ClientHello is received. This allows a remote attacker, using an unexpected handshake, to crash the daemon, resulting in a denial of service. (CVE-2014-3569)
Additionally, there are unspecified flaws in the following MySQL subcomponents that allow a denial of service by an authenticated, remote attacker :
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(82799);
script_version("1.8");
script_cvs_date("Date: 2018/11/15 20:50:21");
script_cve_id(
"CVE-2014-3569",
"CVE-2015-0405",
"CVE-2015-0423",
"CVE-2015-0433",
"CVE-2015-0438",
"CVE-2015-0439",
"CVE-2015-0441",
"CVE-2015-2566",
"CVE-2015-2568",
"CVE-2015-2573"
);
script_bugtraq_id(
71934,
74073,
74078,
74085,
74089,
74091,
74098,
74103,
74110,
74126
);
script_name(english:"MySQL 5.5.x < 5.5.42 / 5.6.x < 5.6.23 Multiple DoS Vulnerabilities (April 2015 CPU)");
script_summary(english:"Checks the version of MySQL server.");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple denial of service
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of MySQL running on the remote host is version 5.5.x
prior to 5.5.42 or version 5.6.x prior to 5.6.23. It is, therefore,
potentially affected by multiple denial of service vulnerabilities :
- A NULL pointer dereference flaw exists when the SSLv3
option isn't enabled and an SSLv3 ClientHello is
received. This allows a remote attacker, using an
unexpected handshake, to crash the daemon, resulting in
a denial of service. (CVE-2014-3569)
- Additionally, there are unspecified flaws in the
following MySQL subcomponents that allow a denial of
service by an authenticated, remote attacker :
- XA (CVE-2015-0405)
- Optimizer (CVE-2015-0423)
- InnoDB : DML (CVE-2015-0433)
- Partition (CVE-2015-0438)
- InnoDB (CVE-2015-0439)
- Security : Encryption (CVE-2015-0441)
- DML (CVE-2015-2566)
- Security : Privileges (CVE-2015-2568)
- DDL (CVE-2015-2573)");
# https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?915d056a");
script_set_attribute(attribute:"solution", value:
"Upgrade to MySQL version 5.5.42 / 5.6.23 or later as referenced in the
Oracle April 2015 Critical Patch Update advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/16");
script_set_attribute(attribute:"patch_publication_date", value:"2015/04/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/15");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mysql_version.nasl", "mysql_login.nasl");
script_require_keys("Settings/ParanoidReport");
script_require_ports("Services/mysql", 3306);
exit(0);
}
include("mysql_version.inc");
mysql_check_version(fixed:make_list('5.5.42', '5.6.23'), severity:SECURITY_WARNING);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0433
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0438
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0441
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2566
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2568
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2573
www.nessus.org/u?915d056a