Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2012-273.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : mysql-community-server (openSUSE-2012-273)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.017 Low

EPSS

Percentile

88.1%

JSON

mysql update to version 5.5.23 fixes several security issues and bugs.
Please refer to the following upstream announcements for details :

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2012-273.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(74623);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-2262", "CVE-2012-0075", "CVE-2012-0112", "CVE-2012-0113", "CVE-2012-0114", "CVE-2012-0115", "CVE-2012-0116", "CVE-2012-0117", "CVE-2012-0118", "CVE-2012-0119", "CVE-2012-0120", "CVE-2012-0484", "CVE-2012-0485", "CVE-2012-0486", "CVE-2012-0487", "CVE-2012-0488", "CVE-2012-0489", "CVE-2012-0490", "CVE-2012-0491", "CVE-2012-0492", "CVE-2012-0493", "CVE-2012-0494", "CVE-2012-0495", "CVE-2012-0496", "CVE-2012-0583", "CVE-2012-1688", "CVE-2012-1690", "CVE-2012-1696", "CVE-2012-1697", "CVE-2012-1703");

  script_name(english:"openSUSE Security Update : mysql-community-server (openSUSE-2012-273)");
  script_summary(english:"Check for the openSUSE-2012-273 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"mysql update to version 5.5.23 fixes several security issues and bugs.
Please refer to the following upstream announcements for details :

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html

  - http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-16.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-17.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-18.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-19.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-20.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html"
  );
  # http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
  script_set_attribute(
    attribute:"see_also",
    value:"https://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=734436"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=742272"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=758460"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected mysql-community-server packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient-devel-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient_r18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld18");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmysqld18-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-bench");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:12.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/05/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE12\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "12.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE12.1", reference:"libmysqlclient-devel-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqlclient18-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqlclient18-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqlclient_r18-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqld-devel-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqld18-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"libmysqld18-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-bench-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-bench-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-client-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-client-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-debug-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-debug-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-debugsource-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-test-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-test-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-tools-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", reference:"mysql-community-server-tools-debuginfo-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libmysqlclient-devel-32bit-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libmysqlclient18-32bit-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libmysqlclient18-debuginfo-32bit-5.5.23-3.6.1") ) flag++;
if ( rpm_check(release:"SUSE12.1", cpu:"x86_64", reference:"libmysqlclient_r18-32bit-5.5.23-3.6.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libmysqlclient-devel-32bit / libmysqlclient-devel / etc");
}
VendorProductVersionCPE
novellopensuselibmysqlclient-develp-cpe:/a:novell:opensuse:libmysqlclient-devel
novellopensuselibmysqlclient-devel-32bitp-cpe:/a:novell:opensuse:libmysqlclient-devel-32bit
novellopensuselibmysqlclient18p-cpe:/a:novell:opensuse:libmysqlclient18
novellopensuselibmysqlclient18-32bitp-cpe:/a:novell:opensuse:libmysqlclient18-32bit
novellopensuselibmysqlclient18-debuginfop-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo
novellopensuselibmysqlclient18-debuginfo-32bitp-cpe:/a:novell:opensuse:libmysqlclient18-debuginfo-32bit
novellopensuselibmysqlclient_r18p-cpe:/a:novell:opensuse:libmysqlclient_r18
novellopensuselibmysqlclient_r18-32bitp-cpe:/a:novell:opensuse:libmysqlclient_r18-32bit
novellopensuselibmysqld-develp-cpe:/a:novell:opensuse:libmysqld-devel
novellopensuselibmysqld18p-cpe:/a:novell:opensuse:libmysqld18
Rows per page:
1-10 of 251

References

Related

nessus 29
fedora 2
openvas 33
f5 2
cve 24
prion 23
cvelist 22
ubuntucve 23
nvd 23
centos 2
redhat 2
amazon 2
debian 2
oraclelinux 2
ubuntu 1
veracode 3
suse 1
gentoo 1
securityvulns 1
oracle 1
nessus
nessus
MySQL 5.5 < 5.5.20 Multiple Vulnerabilities
2012-01-19 00:00:00
Fedora 15 : mysql-5.5.20-1.fc15 (2012-0987)
2012-02-13 00:00:00
Fedora 16 : mysql-5.5.20-1.fc16 (2012-0972)
2012-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: mysql-5.5.20-1.fc16
2012-02-08 22:53:23
[SECURITY] Fedora 15 Update: mysql-5.5.20-1.fc15
2012-02-12 22:51:41
openvas
openvas
Fedora Update for mysql FEDORA-2012-0972
2012-04-02 00:00:00
Fedora Update for mysql FEDORA-2012-0987
2012-02-13 00:00:00
Fedora Update for mysql FEDORA-2012-0987
2012-02-13 00:00:00
f5
f5
SOL14410 - Multiple MySQL vulnerabilities
2013-05-14 00:00:00
K14410 : Multiple MySQL vulnerabilities
2013-09-17 00:00:00
cve
cve
CVE-2012-0117
2012-01-18 22:55:06
CVE-2012-0495
2012-01-18 22:55:07
CVE-2012-0491
2012-01-18 22:55:07
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
Design/Logic Flaw
2012-01-18 22:55:00
Design/Logic Flaw
2012-01-18 22:55:00
cvelist
cvelist
CVE-2012-0488
2012-01-18 22:00:00
CVE-2012-0486
2012-01-18 22:00:00
CVE-2012-0495
2012-01-18 22:00:00
ubuntucve
ubuntucve
CVE-2012-0493
2012-01-18 00:00:00
CVE-2012-0489
2012-01-18 00:00:00
CVE-2012-0486
2012-01-18 00:00:00
nvd
nvd
CVE-2012-0486
2012-01-18 22:55:07
CVE-2012-0495
2012-01-18 22:55:07
CVE-2012-0117
2012-01-18 22:55:06
centos
centos
mysql security update
2012-02-08 21:54:27
mysql security update
2012-02-14 03:09:41
redhat
redhat
(RHSA-2012:0105) Important: mysql security update
2012-02-08 00:00:00
(RHSA-2012:0127) Moderate: mysql security update
2012-02-13 00:00:00
amazon
amazon
Important: mysql
2012-02-15 17:18:00
Important: mysql51
2012-11-20 06:26:00
debian
debian
[SECURITY] [DSA 2429-1] mysql-5.1 security update
2012-03-07 20:44:22
[SECURITY] [DSA 2496-1] mysql-5.1 security update
2012-06-18 20:37:59
oraclelinux
oraclelinux
mysql security update
2012-02-08 00:00:00
mysql security update
2012-02-13 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2012-03-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:40:59
Denial Of Service (DoS)
2020-04-10 01:11:45
Information Disclosure
2020-04-10 01:09:43
suse
suse
Security update for MySQL (important)
2012-08-13 19:08:39
gentoo
gentoo
MySQL: Multiple vulnerabilities
2013-08-29 00:00:00
securityvulns
securityvulns
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.017 Low

EPSS

Percentile

88.1%

JSON
Related for OPENSUSE-2012-273.NASL
nessus29fedora2openvas33f52cve24prion23cvelist22ubuntucve23nvd23centos2redhat2amazon2debian2oraclelinux2ubuntu1veracode3suse1gentoo1securityvulns1oracle1