Test ID:	1.3.6.1.4.1.25623.1.0.844684
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-4603-1)
Summary:	The remote host is missing an update for the 'mariadb-10.1, mariadb-10.3' package(s) announced via the USN-4603-1 advisory.
Description:	Summary: The remote host is missing an update for the 'mariadb-10.1, mariadb-10.3' package(s) announced via the USN-4603-1 advisory. Vulnerability Insight: It was discovered that MariaDB didn't properly validate the content of a packet received from a server. A remote attacker could use this vulnerability to sent a specially crafted file to cause a denial of service. (CVE-2020-13249) It was discovered that MariaDB has other security issues. An attacker can cause a hang or frequently repeatable crash (denial of service). (CVE-2020-15180, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814) In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Affected Software/OS: 'mariadb-10.1, mariadb-10.3' package(s) on Ubuntu 18.04, Ubuntu 20.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-13249 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X4X2BMF3EILMTXGOZDTPYS3KT5VWLA2P/ https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945 https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8 SuSE Security Announcement: openSUSE-SU-2020:0738 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00064.html SuSE Security Announcement: openSUSE-SU-2020:0870 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html Common Vulnerability Exposure (CVE) ID: CVE-2020-15180 Debian Security Information: DSA-4776 (Google Search) https://www.debian.org/security/2020/dsa-4776 https://security.gentoo.org/glsa/202011-14 https://bugzilla.redhat.com/show_bug.cgi?id=1894919 https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2020-2752 https://security.gentoo.org/glsa/202012-08 https://security.gentoo.org/glsa/202105-27 https://www.oracle.com/security-alerts/cpuapr2020.html Common Vulnerability Exposure (CVE) ID: CVE-2020-2760 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDGBQYS3A36S4CAZPV5YROHYXYZR6LAH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TSVLI36TYRTPQGCS24VZQUXCUFOUW4VQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC/ https://usn.ubuntu.com/4350-1/ Common Vulnerability Exposure (CVE) ID: CVE-2020-2812 Common Vulnerability Exposure (CVE) ID: CVE-2020-2814
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.