CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
82.9%
Check the version of mariadb
# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.882083");
script_version("2023-07-10T08:07:43+0000");
script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
script_tag(name:"creation_date", value:"2014-11-18 06:38:11 +0100 (Tue, 18 Nov 2014)");
script_cve_id("CVE-2014-2494", "CVE-2014-4207", "CVE-2014-4243", "CVE-2014-4258",
"CVE-2014-4260", "CVE-2014-4274", "CVE-2014-4287", "CVE-2014-6463",
"CVE-2014-6464", "CVE-2014-6469", "CVE-2014-6484", "CVE-2014-6505",
"CVE-2014-6507", "CVE-2014-6520", "CVE-2014-6530", "CVE-2014-6551",
"CVE-2014-6555", "CVE-2014-6559");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:C");
script_name("CentOS Update for mariadb CESA-2014:1861 centos7");
script_tag(name:"summary", value:"Check the version of mariadb");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"MariaDB is a multi-user, multi-threaded SQL
database server that is binary compatible with MySQL.
This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2014-2494,
CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287,
CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484,
CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551,
CVE-2014-6555, CVE-2014-6559)
These updated packages upgrade MariaDB to version 5.5.40. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.
All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.");
script_tag(name:"affected", value:"mariadb on CentOS 7");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"CESA", value:"2014:1861");
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2014-November/020761.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2014 Greenbone AG");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS7");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS7")
{
if ((res = isrpmvuln(pkg:"mariadb", rpm:"mariadb~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-bench", rpm:"mariadb-bench~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-devel", rpm:"mariadb-devel~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-embedded", rpm:"mariadb-embedded~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-embedded-devel", rpm:"mariadb-embedded-devel~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-libs", rpm:"mariadb-libs~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-server", rpm:"mariadb-server~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mariadb-test", rpm:"mariadb-test~5.5.40~1.el7_0", rls:"CentOS7")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}