CVE-2013-0389

2013-01-1600:00:00

ubuntu.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.003 Low

EPSS

Percentile

68.7%

JSON

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66
and earlier, and 5.5.28 and earlier, allows remote authenticated users to
affect availability via unknown vectors related to Server Optimizer.

Bugs

<https://launchpad.net/bugs/1100264>

Notes

Author	Note
jdstrand	mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later.

OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchmysql-5.1< 5.1.67-0ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchmysql-5.5< 5.5.29-0ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchmysql-5.5< 5.5.29-0ubuntu0.12.10.1UNKNOWN
ubuntu10.04noarchmysql-dfsg-5.1< 5.1.67-0ubuntu0.10.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	11.10	noarch	mysql-5.1	< 5.1.67-0ubuntu0.11.10.1	UNKNOWN
ubuntu	12.04	noarch	mysql-5.5	< 5.5.29-0ubuntu0.12.04.1	UNKNOWN
ubuntu	12.10	noarch	mysql-5.5	< 5.5.29-0ubuntu0.12.10.1	UNKNOWN
ubuntu	10.04	noarch	mysql-dfsg-5.1	< 5.1.67-0ubuntu0.10.04.1	UNKNOWN