How to Buy
This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote database server is affected by multiple vulnerabilities.
The version of MariaDB 5.5 running on the remote host is a version
prior to 5.5.32. It is, therefore, potentially affected by the
following vulnerabilities :
- Errors exist related to the following subcomponents :
Audit Log, Data Manipulation Language, Full Text Search,
GIS, Server Optimizer, Server Parser and
Server Replication. (CVE-2013-1861, CVE-2013-3783,
CVE-2013-3793, CVE-2013-3802, CVE-2013-3804,
- Errors exist in the files 'sql/item_func.cc',
'sql/sql_table.cc', 'sql/table.cc' and
'storage/innobase/mem/mem0mem.c' that could allow
denial of service attacks. (VulnDB 97781, 97782, 97783,
97785, 97787, 97790, 97792, 97793, 97794, 97796, 97798,
- Errors exist in the functions or methods 'CONVERT_TZ
'setup_ref_array' and 'st_select_lex::nest_last_join'
that could allow denial of service attacks. (VulnDB
97784, 97786, 97788, 97795, 97797, 97799)
- A buffer overflow error exists in the file
'sql/opt_range.cc' in the function
'QUICK_GROUP_MIN_MAX_SELECT::next_min' that could allow
denial of service attacks and possibly arbitrary code
execution (VulnDB 97789)
- An unspecified issue exists in the file 'dbug/dbug.c'
in the macro 'str_to_buf' that has an unspecified
impact. (VulnDB 97791)
See also :
Upgrade to MariaDB version 5.5.32 or later.
Risk factor :
High / CVSS Base Score : 8.5
CVSS Temporal Score : 7.4
Public Exploit Available : true
Nessus Plugin ID: 72373 ()
Bugtraq ID: 5851161210612446124961260612646127262085
CVE ID: CVE-2013-1861CVE-2013-3783CVE-2013-3793CVE-2013-3802CVE-2013-3804CVE-2013-3809CVE-2013-3812
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.