English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.120161
Category:Amazon Linux Local Security Checks
Title:Amazon Linux: Security Advisory (ALAS-2014-298)
Summary:The remote host is missing an update for the 'mysql51' package(s) announced via the ALAS-2014-298 advisory.
Description:Summary:
The remote host is missing an update for the 'mysql51' package(s) announced via the ALAS-2014-298 advisory.

Vulnerability Insight:
This update fixes several vulnerabilities in the MySQL database server. (CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908)

A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001)

Affected Software/OS:
'mysql51' package(s) on Amazon Linux.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-5908
BugTraq ID: 64758
http://www.securityfocus.com/bid/64758
BugTraq ID: 64896
http://www.securityfocus.com/bid/64896
Debian Security Information: DSA-2845 (Google Search)
http://www.debian.org/security/2014/dsa-2845
Debian Security Information: DSA-2848 (Google Search)
http://www.debian.org/security/2014/dsa-2848
http://security.gentoo.org/glsa/glsa-201409-04.xml
http://osvdb.org/102078
RedHat Security Advisories: RHSA-2014:0164
http://rhn.redhat.com/errata/RHSA-2014-0164.html
RedHat Security Advisories: RHSA-2014:0173
http://rhn.redhat.com/errata/RHSA-2014-0173.html
RedHat Security Advisories: RHSA-2014:0186
http://rhn.redhat.com/errata/RHSA-2014-0186.html
RedHat Security Advisories: RHSA-2014:0189
http://rhn.redhat.com/errata/RHSA-2014-0189.html
http://secunia.com/advisories/56491
http://secunia.com/advisories/56541
http://secunia.com/advisories/56580
http://ubuntu.com/usn/usn-2086-1
XForce ISS Database: oracle-cpujan2014-cve20135908(90389)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90389
Common Vulnerability Exposure (CVE) ID: CVE-2014-0001
102713
http://osvdb.org/102713
102714
http://www.osvdb.org/102714
1029708
http://www.securitytracker.com/id/1029708
52161
http://secunia.com/advisories/52161
65298
http://www.securityfocus.com/bid/65298
GLSA-201409-04
MDVSA-2014:029
http://www.mandriva.com/security/advisories?name=MDVSA-2014:029
RHSA-2014:0164
RHSA-2014:0173
RHSA-2014:0186
RHSA-2014:0189
http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
https://bugzilla.redhat.com/show_bug.cgi?id=1054592
https://mariadb.com/kb/en/mariadb-5535-changelog/
mysql-cve20140001-bo(90901)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90901
Common Vulnerability Exposure (CVE) ID: CVE-2014-0386
BugTraq ID: 64904
http://www.securityfocus.com/bid/64904
http://osvdb.org/102069
XForce ISS Database: oracle-cpujan2014-cve20140386(90380)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90380
Common Vulnerability Exposure (CVE) ID: CVE-2014-0393
BugTraq ID: 64877
http://www.securityfocus.com/bid/64877
http://osvdb.org/102075
XForce ISS Database: oracle-cpujan2014-cve20140393(90386)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90386
Common Vulnerability Exposure (CVE) ID: CVE-2014-0401
BugTraq ID: 64898
http://www.securityfocus.com/bid/64898
http://osvdb.org/102071
XForce ISS Database: oracle-cpujan2014-cve20140401(90382)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90382
Common Vulnerability Exposure (CVE) ID: CVE-2014-0402
BugTraq ID: 64908
http://www.securityfocus.com/bid/64908
http://osvdb.org/102068
XForce ISS Database: oracle-cpujan2014-cve20140402(90379)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90379
Common Vulnerability Exposure (CVE) ID: CVE-2014-0412
BugTraq ID: 64880
http://www.securityfocus.com/bid/64880
http://osvdb.org/102067
XForce ISS Database: oracle-cpujan2014-cve20140412(90378)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90378
Common Vulnerability Exposure (CVE) ID: CVE-2014-0437
BugTraq ID: 64849
http://www.securityfocus.com/bid/64849
http://osvdb.org/102074
XForce ISS Database: oracle-cpujan2014-cve20140437(90385)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90385
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.