Lucene search
Copyright (C) 2021 Greenbone Networks GmbHOPENVAS:1361412562310117741HistoryOct 22, 2021 - 12:00 a.m.
Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Windows
2021-10-2200:00:00
Copyright (C) 2021 Greenbone Networks GmbH
plugins.openvas.org
14
vulnerability
mysql
oracle
security update
windows
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
Low
EPSS
0.068
Percentile
93.9%
Oracle MySQL Server is prone to multiple vulnerabilities.
# Copyright (C) 2021 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
CPE = "cpe:/a:oracle:mysql";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.117741");
script_version("2021-10-23T08:58:44+0000");
script_tag(name:"last_modification", value:"2021-10-23 08:58:44 +0000 (Sat, 23 Oct 2021)");
script_tag(name:"creation_date", value:"2021-10-22 07:55:48 +0000 (Fri, 22 Oct 2021)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2021-08-31 16:37:00 +0000 (Tue, 31 Aug 2021)");
# The patch for CVE-2021-22926 also addresses CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946 and CVE-2021-22947.
# The patch for CVE-2021-3711 also addresses CVE-2021-3712.
script_cve_id("CVE-2021-3711", "CVE-2021-22926", "CVE-2021-35604", "CVE-2021-35624", "CVE-2021-22922",
"CVE-2021-22923", "CVE-2021-22924", "CVE-2021-22925", "CVE-2021-22945", "CVE-2021-22946",
"CVE-2021-22947", "CVE-2021-3712");
script_tag(name:"qod_type", value:"remote_banner");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Windows");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone Networks GmbH");
script_family("Databases");
script_dependencies("mysql_version.nasl", "os_detection.nasl");
script_mandatory_keys("oracle/mysql/detected", "Host/runs_windows");
script_tag(name:"summary", value:"Oracle MySQL Server is prone to multiple vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"affected", value:"Oracle MySQL Server version 5.7.35 and prior and 8.0 through 8.0.26.");
script_tag(name:"solution", value:"Update to version 5.7.36, 8.0.27 or later.");
script_xref(name:"URL", value:"https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL");
script_xref(name:"Advisory-ID", value:"cpuoct2021");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (isnull(port = get_app_port(cpe: CPE)))
exit(0);
if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if (version_is_less_equal(version: version, test_version: "5.7.35")) {
report = report_fixed_ver(installed_version: version, fixed_version: "5.7.36", install_path: location);
security_message(port: port, data: report);
exit(0);
}
else if (version_in_range(version: version, test_version: "8.0", test_version2: "8.0.26")) {
report = report_fixed_ver(installed_version: version, fixed_version: "8.0.27", install_path: location);
security_message(port: port, data: report);
exit(0);
}
exit(99);Related
openvas
openvas
Oracle MySQL Server <= 5.7.35 / 8.0 <= 8.0.26 Security Update (cpuoct2021) - Linux
2021-10-22 00:00:00
Fedora: Security Advisory for curl (FEDORA-2021-c5584b92d4)
2021-09-22 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2769)
2021-11-17 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: curl-7.76.1-12.fc34
2021-09-21 15:33:29
[SECURITY] Fedora 33 Update: curl-7.71.1-11.fc33
2021-10-02 01:10:15
[SECURITY] Fedora 33 Update: curl-7.71.1-10.fc33
2021-08-07 01:14:48
nessus
nessus
EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-2769)
2021-11-17 00:00:00
EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-2707)
2021-11-11 00:00:00
EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-2751)
2021-11-17 00:00:00
slackware
slackware
[slackware-security] curl
2021-07-21 18:22:03
[slackware-security] curl
2021-09-16 03:11:12
suse
suse
Security update for curl (moderate)
2021-07-24 00:00:00
Security update for curl (moderate)
2021-07-21 00:00:00
Security update for curl (moderate)
2021-10-18 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0069
2021-07-25 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0273
2021-07-24 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0069
2021-07-25 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2021-07-27 23:21:53
Updated curl packages fix security vulnerability
2021-09-23 07:49:29
Updated mysql-connector-c++ packages fix security vulnerability
2022-01-25 15:13:11
ibm
ibm
redhat
redhat
(RHSA-2021:3582) Moderate: curl security update
2021-09-21 07:12:18
(RHSA-2022:1354) Moderate: rh-dotnet31-curl security update
2022-04-13 13:42:42
(RHSA-2021:3903) Moderate: curl security update
2021-10-19 06:26:14
oraclelinux
oraclelinux
curl security update
2021-09-21 00:00:00
curl security update
2021-11-02 00:00:00
almalinux
almalinux
Moderate: curl security update
2021-09-21 07:12:18
Moderate: curl security update
2021-11-02 07:49:01
archlinux
archlinux
[ASA-202107-59] curl: multiple issues
2021-07-21 00:00:00
amazon
amazon
rocky
rocky
curl security update
2021-09-21 07:12:18
curl security update
2021-11-02 07:49:01
ubuntu
ubuntu
curl vulnerabilities
2021-09-21 00:00:00
curl vulnerabilities
2021-09-15 00:00:00
MySQL vulnerabilities
2021-10-25 00:00:00
osv
osv
Moderate: curl security update
2021-09-21 07:12:18
curl vulnerabilities
2021-09-21 11:34:54
curl vulnerabilities
2021-09-15 11:11:13
cloudfoundry
cloudfoundry
USN-5079-1: curl vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
freebsd
freebsd
cURL -- Multiple vulnerabilities
2021-09-15 00:00:00
cURL -- Multiple vulnerabilities
2021-07-21 00:00:00
OpenSSL -- multiple vulnerabilities
2021-08-24 00:00:00
debian
debian
[SECURITY] [DLA 2773-1] curl security update
2021-09-30 21:58:49
[SECURITY] [DSA 4963-1] openssl security update
2021-08-24 15:16:08
thn
thn
QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices
2021-09-01 07:11:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
Low
EPSS
0.068
Percentile
93.9%
Related for OPENVAS:1361412562310117741