Test ID:	1.3.6.1.4.1.25623.1.1.10.2016.0371
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2016-0371)
Summary:	The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2016-0371 advisory.
Description:	Summary: The remote host is missing an update for the 'mariadb' package(s) announced via the MGASA-2016-0371 advisory. Vulnerability Insight: A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user (CVE-2016-6663). This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section (CVE-2016-3492, CVE-2016-5584, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-7440, CVE-2016-8283). Affected Software/OS: 'mariadb' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3492 BugTraq ID: 93650 http://www.securityfocus.com/bid/93650 https://security.gentoo.org/glsa/201701-01 RedHat Security Advisories: RHSA-2016:2130 http://rhn.redhat.com/errata/RHSA-2016-2130.html RedHat Security Advisories: RHSA-2016:2131 http://rhn.redhat.com/errata/RHSA-2016-2131.html RedHat Security Advisories: RHSA-2016:2595 http://rhn.redhat.com/errata/RHSA-2016-2595.html RedHat Security Advisories: RHSA-2016:2749 http://rhn.redhat.com/errata/RHSA-2016-2749.html RedHat Security Advisories: RHSA-2016:2927 http://rhn.redhat.com/errata/RHSA-2016-2927.html RedHat Security Advisories: RHSA-2016:2928 http://rhn.redhat.com/errata/RHSA-2016-2928.html http://www.securitytracker.com/id/1037050 Common Vulnerability Exposure (CVE) ID: CVE-2016-5584 BugTraq ID: 93735 http://www.securityfocus.com/bid/93735 Debian Security Information: DSA-3706 (Google Search) http://www.debian.org/security/2016/dsa-3706 Common Vulnerability Exposure (CVE) ID: CVE-2016-5616 Common Vulnerability Exposure (CVE) ID: CVE-2016-5624 BugTraq ID: 93635 http://www.securityfocus.com/bid/93635 Common Vulnerability Exposure (CVE) ID: CVE-2016-5626 BugTraq ID: 93638 http://www.securityfocus.com/bid/93638 Common Vulnerability Exposure (CVE) ID: CVE-2016-5629 BugTraq ID: 93668 http://www.securityfocus.com/bid/93668 Common Vulnerability Exposure (CVE) ID: CVE-2016-6663 BugTraq ID: 92911 http://www.securityfocus.com/bid/92911 BugTraq ID: 93614 http://www.securityfocus.com/bid/93614 https://www.exploit-db.com/exploits/40678/ http://seclists.org/fulldisclosure/2016/Nov/4 https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html http://www.openwall.com/lists/oss-security/2016/10/25/4 RedHat Security Advisories: RHSA-2017:0184 http://rhn.redhat.com/errata/RHSA-2017-0184.html Common Vulnerability Exposure (CVE) ID: CVE-2016-7440 BugTraq ID: 93659 http://www.securityfocus.com/bid/93659 Common Vulnerability Exposure (CVE) ID: CVE-2016-8283 BugTraq ID: 93737 http://www.securityfocus.com/bid/93737
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.