Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Update for mariadb RHSA-2015:1665-01
Summary:The remote host is missing an update for the 'mariadb'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'mariadb'
package(s) announced via the referenced advisory.

Vulnerability Insight:
MariaDB is a multi-user, multi-threaded SQL database server that is binary
compatible with MySQL.

It was found that the MySQL client library permitted but did not require
a client to use SSL/TLS when establishing a secure connection to a MySQL
server using the '--ssl' option. A man-in-the-middle attacker
could use this flaw to strip the SSL/TLS protection from a connection
between a client and a server. (CVE-2015-3152)

This update fixes several vulnerabilities in the MariaDB database server.
Information about these flaws can be found on the Oracle Critical Patch
Update Advisory page, listed in the References section. (CVE-2015-0501,
CVE-2015-2568, CVE-2015-0499, CVE-2015-2571, CVE-2015-0433, CVE-2015-0441,
CVE-2015-0505, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643,
CVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757)

These updated packages upgrade MariaDB to version 5.5.44. Refer to the
MariaDB Release Notes listed in the References section for a complete list
of changes.

All MariaDB users should upgrade to these updated packages, which correct
these issues. After installing this update, the MariaDB server daemon
(mysqld) will be restarted automatically.

Affected Software/OS:
mariadb on Red Hat Enterprise Linux Server (v. 7)

Please Install the Updated Packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-0433
Debian Security Information: DSA-3229 (Google Search)
Debian Security Information: DSA-3311 (Google Search)
RedHat Security Advisories: RHSA-2015:1628
RedHat Security Advisories: RHSA-2015:1629
RedHat Security Advisories: RHSA-2015:1647
RedHat Security Advisories: RHSA-2015:1665
SuSE Security Announcement: SUSE-SU-2015:0946 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-0441
Common Vulnerability Exposure (CVE) ID: CVE-2015-0499
Common Vulnerability Exposure (CVE) ID: CVE-2015-0501
Common Vulnerability Exposure (CVE) ID: CVE-2015-0505
BugTraq ID: 74112
Common Vulnerability Exposure (CVE) ID: CVE-2015-2568
BugTraq ID: 74073
Common Vulnerability Exposure (CVE) ID: CVE-2015-2571
BugTraq ID: 74095
Common Vulnerability Exposure (CVE) ID: CVE-2015-2573
BugTraq ID: 74078
Common Vulnerability Exposure (CVE) ID: CVE-2015-2582
BugTraq ID: 75751
Debian Security Information: DSA-3308 (Google Search)
RedHat Security Advisories: RHSA-2015:1630
RedHat Security Advisories: RHSA-2015:1646
SuSE Security Announcement: openSUSE-SU-2015:1629 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-2620
BugTraq ID: 75837
Common Vulnerability Exposure (CVE) ID: CVE-2015-2643
BugTraq ID: 75830
Common Vulnerability Exposure (CVE) ID: CVE-2015-2648
BugTraq ID: 75822
Common Vulnerability Exposure (CVE) ID: CVE-2015-3152
BugTraq ID: 74398
Bugtraq: 20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-4737
BugTraq ID: 75802
Common Vulnerability Exposure (CVE) ID: CVE-2015-4752
BugTraq ID: 75849
Common Vulnerability Exposure (CVE) ID: CVE-2015-4757
BugTraq ID: 75759
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.