[FREEBSD:E3445736-FD01-11E7-AC58-B499BAEBFEAF] MySQL -- multiple vulnerabilities
Severity
High
Affected Packages
10
CVEs
20
Oracle reports:
Not all vulnerabilities are relevant for all flavors/versions of the
servers and clients
Vulnerability allows low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks
of this vulnerability can result in unauthorized ability to cause a
hang or frequently repeatable crash (complete DOS) of MySQL Server.
GIS: CVE-2018-2573, DDL CVE-2018-2622, Optimizer: CVE-2018-2640,
CVE-2018-2665, CVE-2018-2668, Security:Privileges: CVE-2018-2703,
Partition: CVE-2018-2562.
Vulnerability allows high privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks
of this vulnerability can result in unauthorized ability to cause a
hang or frequently repeatable crash (complete DOS) of MySQL Server.
InnoDB: CVE-2018-2565, CVE-2018-2612 DML: CVE-2018-2576,
CVE-2018-2646, Stored Procedure: CVE-2018-2583, Performance Schema:
CVE-2018-2590, Partition: CVE-2018-2591, Optimizer: CVE-2018-2600,
CVE-2018-2667, Security:Privileges: CVE-2018-2696, Replication:
CVE-2018-2647.
Vulnerability allows a low or high privileged attacker with network
access via multiple protocols to compromise MySQL Server with
unauthorized creation, deletion, modification or access to data/
critical data. InnoDB: CVE-2018-2612, Performance Schema:
CVE-2018-2645, Replication: CVE-2018-2647, Partition: CVE-2018-2562.
Package | Affected Version |
---|---|
pkg:freebsd/percona57-server | < 5.7.21 |
pkg:freebsd/percona56-server | < 5.6.39 |
pkg:freebsd/percona55-server | < 5.5.59 |
pkg:freebsd/mysql57-server | < 5.7.21 |
pkg:freebsd/mysql56-server | < 5.6.39 |
pkg:freebsd/mysql55-server | < 5.5.59 |
pkg:freebsd/mariadb55-server | < 5.5.59 |
pkg:freebsd/mariadb102-server | < 10.2.13 |
pkg:freebsd/mariadb101-server | < 10.1.31 |
pkg:freebsd/mariadb100-server | < 10.0.34 |
- ID
- FREEBSD:E3445736-FD01-11E7-AC58-B499BAEBFEAF
- Severity
- high
- Severity from
- CVE-2018-2696
- URL
- http://vuxml.freebsd.org/freebsd/e3445736-fd01-11e7-ac58-b499baebfeaf.html
- Published
-
2017-01-18T00:00:00
(7 years ago) - Modified
-
2018-01-19T00:00:00
(6 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2018-969
- ALAS2-2018-1078
- ALPINE:CVE-2018-2562
- ALPINE:CVE-2018-2612
- ALPINE:CVE-2018-2622
- ALPINE:CVE-2018-2640
- ALPINE:CVE-2018-2665
- ALPINE:CVE-2018-2668
- DSA-4091-1
- DSA-4341-1
- ELSA-2018-2439
- FEDORA-2018-00647ae0d5
- FEDORA-2018-02c0e3725e
- FEDORA-2018-394bf4fb5a
- FEDORA-2018-83bbd0c22f
- FEDORA-2018-d553b29a30
- GLSA-201802-04
- RHSA-2018:2439
- SSA:2018-032-01
- SUSE-SU-2018:0422-1
- SUSE-SU-2018:0697-1
- SUSE-SU-2018:0698-1
- SUSE-SU-2018:1853-1
- USN-3537-1
- USN-3537-2
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL | ||
FreeBSD VuXML | https://mariadb.com/kb/en/library/mariadb-5559-release-notes/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/percona57-server | percona57-server | < 5.7.21 | ||||
Affected | pkg:freebsd/percona56-server | percona56-server | < 5.6.39 | ||||
Affected | pkg:freebsd/percona55-server | percona55-server | < 5.5.59 | ||||
Affected | pkg:freebsd/mysql57-server | mysql57-server | < 5.7.21 | ||||
Affected | pkg:freebsd/mysql56-server | mysql56-server | < 5.6.39 | ||||
Affected | pkg:freebsd/mysql55-server | mysql55-server | < 5.5.59 | ||||
Affected | pkg:freebsd/mariadb55-server | mariadb55-server | < 5.5.59 | ||||
Affected | pkg:freebsd/mariadb102-server | mariadb102-server | < 10.2.13 | ||||
Affected | pkg:freebsd/mariadb101-server | mariadb101-server | < 10.1.31 | ||||
Affected | pkg:freebsd/mariadb100-server | mariadb100-server | < 10.0.34 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |