This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
The version of MariaDB 5.5 installed on the remote host is a version
prior to 5.5.32. It is, therefore, potentially affected by the
following vulnerabilities :
- Errors exist related to the following subcomponents :
Audit Log, Data Manipulation Language, Full Text Search,
GIS, Server Optimizer, Server Parser and
Server Replication. (CVE-2013-1861, CVE-2013-3783,
CVE-2013-3793, CVE-2013-3802, CVE-2013-3804,
- Errors exist in the files 'sql/item_func.cc',
'sql/sql_table.cc', 'sql/table.cc' and
'storage/innobase/mem/mem0mem.c' that could allow
denial of service attacks. (OSVDB 97781, 97782, 97783,
97785, 97787, 97790, 97792, 97793, 97794, 97796, 97798,
- Errors exist in the functions or methods 'CONVERT_TZ
'setup_ref_array' and 'st_select_lex::nest_last_join'
that could allow denial of service attacks. (OSVDB
97784, 97786, 97788, 97795, 97797, 97799)
- A buffer overflow error exists in the file
'sql/opt_range.cc' in the function
'QUICK_GROUP_MIN_MAX_SELECT::next_min' that could allow
denial of service attacks and possibly arbitrary code
execution (OSVDB 97789)
- An unspecified issue exists in the file 'dbug/dbug.c'
in the macro 'str_to_buf' that has an unspecified
impact. (OSVDB 97791)
See also :
Upgrade to MariaDB 5.5.32 or later.
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 7.4
Public Exploit Available : true
Nessus Plugin ID: 72373 ()
Bugtraq ID: 5851161210612446124961260612646127262085
CVE ID: CVE-2013-1861CVE-2013-3783CVE-2013-3793CVE-2013-3802CVE-2013-3804CVE-2013-3809CVE-2013-3812
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.