Lucene search

[email protected]NVD:CVE-2014-0001

HistoryJan 31, 2014 - 11:55 p.m.

CVE-2014-0001

2014-01-3123:55:04

CWE-119

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.952 High

EPSS

Percentile

99.4%

JSON

Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

Affected configurations

NVD

Node

mariadbmariadbRange≤5.5.34

Node

redhatenterprise_linuxMatch5

redhatenterprise_linuxMatch5client_workstation

redhatenterprise_linuxMatch5server

redhatenterprise_linuxMatch6.0

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_workstationMatch6.0

Node

oraclemysqlMatch5.5.0

oraclemysqlMatch5.5.1

oraclemysqlMatch5.5.2

oraclemysqlMatch5.5.3

oraclemysqlMatch5.5.4

oraclemysqlMatch5.5.5

oraclemysqlMatch5.5.6

oraclemysqlMatch5.5.7

oraclemysqlMatch5.5.9

oraclemysqlMatch5.5.10

oraclemysqlMatch5.5.11

oraclemysqlMatch5.5.12

oraclemysqlMatch5.5.13

oraclemysqlMatch5.5.14

oraclemysqlMatch5.5.15

oraclemysqlMatch5.5.16

oraclemysqlMatch5.5.17

oraclemysqlMatch5.5.18

oraclemysqlMatch5.5.19

oraclemysqlMatch5.5.20

oraclemysqlMatch5.5.21

oraclemysqlMatch5.5.22

oraclemysqlMatch5.5.23

oraclemysqlMatch5.5.24

oraclemysqlMatch5.5.25

oraclemysqlMatch5.5.25a

oraclemysqlMatch5.5.26

oraclemysqlMatch5.5.27

oraclemysqlMatch5.5.28

oraclemysqlMatch5.5.29

oraclemysqlMatch5.5.30

oraclemysqlMatch5.5.31

oraclemysqlMatch5.5.32

oraclemysqlMatch5.5.33

oraclemysqlMatch5.5.34

oraclemysqlMatch5.5.35

oraclemysqlMatch5.5.36

Node

oraclemysqlMatch5.6.0

oraclemysqlMatch5.6.1

oraclemysqlMatch5.6.2

oraclemysqlMatch5.6.3

oraclemysqlMatch5.6.4

oraclemysqlMatch5.6.5

oraclemysqlMatch5.6.6

oraclemysqlMatch5.6.7

oraclemysqlMatch5.6.8

oraclemysqlMatch5.6.9

oraclemysqlMatch5.6.10

oraclemysqlMatch5.6.11

oraclemysqlMatch5.6.12

oraclemysqlMatch5.6.13

oraclemysqlMatch5.6.14

oraclemysqlMatch5.6.15

oraclemysqlMatch5.6.16

References

bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64

osvdb.org/102713

rhn.redhat.com/errata/RHSA-2014-0164.html

rhn.redhat.com/errata/RHSA-2014-0173.html

rhn.redhat.com/errata/RHSA-2014-0186.html

rhn.redhat.com/errata/RHSA-2014-0189.html

secunia.com/advisories/52161

security.gentoo.org/glsa/glsa-201409-04.xml

www.mandriva.com/security/advisories?name=MDVSA-2014:029

www.osvdb.org/102714

www.securityfocus.com/bid/65298

www.securitytracker.com/id/1029708

bugzilla.redhat.com/show_bug.cgi?id=1054592

exchange.xforce.ibmcloud.com/vulnerabilities/90901

mariadb.com/kb/en/mariadb-5535-changelog/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.952 High

EPSS

Percentile

99.4%

JSON

Related for NVD:CVE-2014-0001

nessus22 openvas35 cve1 slackware1 ubuntucve1 checkpoint_advisories1 prion1 cvelist1 debian3 osv2 veracode7 centos4 oraclelinux2 amazon1 redhat4 fedora8 ubuntu1 suse1 gentoo1 oracle1