Ubuntu.comUB:CVE-2013-1492CVE-2013-1492
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
90.4%
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x
before 5.5.30, has unspecified impact and attack vectors, a different
vulnerability than CVE-2012-0553.
Notes
| Author | Note |
|---|---|
| jdstrand | mysql-cluster-7.0 not supported per Ubuntu Server team As of 2012/01/09, Oracle no longer supports MySQL 5.0. Unfortunately, because of upstream update and commit policies it is not possible to backport patches from later releases. Ubuntu is regrettably unable to support MySQL 5.0 and users are encouraged to upgrade to Ubuntu 10.04 LTS or later. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 11.10 | noarch | mysql-5.1 | < 5.1.69-0ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | mysql-5.5 | < 5.5.31-0ubuntu0.13.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | mysql-dfsg-5.1 | < 5.1.69-0ubuntu0.10.04.1 | UNKNOWN |
References
dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html
dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-30.html
secunia.com/advisories/52445
blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
launchpad.net/bugs/cve/CVE-2013-1492
nvd.nist.gov/vuln/detail/CVE-2013-1492
security-tracker.debian.org/tracker/CVE-2013-1492
ubuntu.com/security/notices/USN-1807-1
ubuntu.com/security/notices/USN-1807-2
www.cve.org/CVERecord?id=CVE-2013-1492
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
90.4%